2 Answers
- Newest
- Most votes
- Most comments
1
Besides modifying ALB listener rules to redirect HTTP to HTTPS, and adding HSTS header, you can implement HSTS with CloudFront.
Steps on CloudFront include
- Modify viewer policy to redirect from HTTP to HTTPS
- Either use the Managed Response Header Policy which includes
Strict-Transport-Security
header, e.g.. SecurityHeadersPolicy, or create a custom policy with STS header
Relevant content
- asked 2 years ago
- Accepted Answerasked 6 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 4 months ago