Header Image -

Tag Archives

3 Articles

HSTS – The Missing Summary

by Jamey 0 Comments
HSTS – The Missing Summary

HSTS (HTTP Strict Transport Security) is a feature supported by all major browsers, and it’s a method for websites to declare that they should ONLY be accessed securely over HTTPS and never over an unencrypted HTTP connection. If a site has an HSTS policy, browsers will refuse all insecure connections to that site AND prevent users from accepting insecure SSL certificates. This, however, can come with certain risks to availability if not implemented correctly, as you will read later…

11 views

Nginx HTTP-to-HTTPS AND domain.com-to-WWW Redirect Using AWS ELB for SSL Termination

by Jamey 0 Comments
Nginx HTTP-to-HTTPS AND domain.com-to-WWW Redirect Using AWS ELB for SSL Termination

You are running Nginx as a webserver or reverse proxy, and you are terminating SSL on an Amazon Elastic Loadbalancer.

The loadbalancer is passing HTTP traffic from port 80 to HTTP port 80 on your EC2 instance(s).

The loadbalancer is decrypting HTTPS traffic from port 443 and also passing it on to HTTP port 80 on your EC2 instance(s).

You are looking for the following functionality:

http://domain.com => https://www.domain.com
https://domain.com => https://www.domain.com
http://www.domain.com => https://www.domain.com
https://www.domain.com => https://www.domain.com

3 views