top of page

ELB.1

Application Load Balancer should be configured to redirect all HTTP requests to HTTPS

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Elastic Load Balancing

AWS Foundational Best Practice, AWS Well-Architected, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,

This AWS control checks whether HTTP to HTTPS redirection is configured on all HTTP listeners of Application Load Balancers. The control will fail if one or more HTTP listeners of Application Load Balancers do not have HTTP to HTTPS redirection configured.

bottom of page