The X-Forwarded-Proto header value of the HTTP request is used in this tutorial, and the rewrite rules are applied if the client protocol is not HTTPS. Here is how to force a redirect to HTTPS behind AWS ELB using Apache, Nginx, or IIS web servers.

1. Apache

Edit the Apache VirtualHost configuration file in a text editor and add the following content. Make sure the rewrite module is enabled in the Apache server.

2. Nginx

Edit Nginx HTTP server block for your domain to configure force redirection. Add the following content under the location block to redirect all HTTP traffic to the HTTPS.

3. IIS

The windows servers with IIS web server edit the web.config file and add the following code under the section:


If you have an AWS application and are using an AWS load balancer, this blog post will show you how you can redirect all traffic coming to your EC2 instances over HTTPS (and not just on port 443).