- Newest
- Most votes
- Most comments
Hello,
The X-Forwarded-Port
and X-Forwarded-For
are just headers used to identify the destination port that the client used to connect to the load balancer and the IP address of a client when you use an HTTP or HTTPS load balancer respectively.
It doesn't mean that the application will receive the connection on that port. Instead, what is occurring is that the NGINX container is likely reaching out the Rails application using the HTTP port (without TLS) and it is being redirected due to force_ssl
flag.
If you really need to have TLS for all request path, you'll need to configure something like AppMesh or a custom solution using Envoy.
In general, terminating secure connections at the load balancer and using HTTP on the backend might be sufficient for your application. Network traffic between AWS resources can only be listened to by the instances that are part of the connection. However, if you are developing an application that needs to comply with strict external regulations, you might be required to secure all network connections.
Relevant content
- asked 10 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 7 days ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 2 months ago