John Davidson

amazon web services - AWS & PHP: https website redirects to http when there is no slash at the end

0 comments
Message:


We have a client that hosts their IIS web server on AWS. When navigating to a particular PHP web application on this server, it works when there is a slash on the end, but not when it is absent.


this works:
https://example.com.au/application/


However, if one were to enter this into the address bar:
https://example.com.au/application


it redirects to the equivalent http address with a slash on the end:
http://example.com.au/application/


http is disabled via the firewall, so the result is an error.


Here is the request details in Chrome debugger


So my question is, what does my client need to check to ensure this redirect does not occur? or that instead of redirecting to HTTP, it redirects to HTTPS?


Additional info:



  • This same issue does not seem to occur with .NET web applications. Eg 'https://example.com.au/dotnetapp' will not redirect to 'http://example.com.au/dotnetapp/'.

  • There are no rules configured in "URL rewrite"

  • IIS logs show requests when the HTTPS url is triggered, but not the HTTP one.
    Edit: This seems to be due to browser caching. After disabling browser caching, i can see the 301 entry in the log files.

  • 'index.php' is set as a default document



My Answer:
To prevent the redirect from HTTPS to HTTP when the slash is missing at the end of the URL, your client can try the following steps:

1. Check the PHP application code: Make sure that the PHP application code does not have any hardcoded redirects to HTTP. Look for any code that may be causing the redirect and update it to redirect to HTTPS instead.

2. Check the server configuration: Review the server configuration settings in IIS to ensure that HTTPS is properly configured and set as the default protocol. Check for any rules or settings that may be causing the redirect to HTTP.

3. Check the AWS Load Balancer settings: If the application is behind an AWS Load Balancer, check the Load Balancer settings to ensure that it is configured to forward traffic to the application using HTTPS.

4. Clear browser cache: As you mentioned that the issue seems to be related to browser caching, have your client clear the browser cache and try accessing the application again to see if the issue persists.

5. Enable HTTPS redirect: You can also configure a redirect rule in IIS to automatically redirect HTTP requests to HTTPS. This can help ensure that all requests are served over a secure connection.

By following these steps, your client should be able to prevent the redirect from HTTPS to HTTP when the slash is missing at the end of the URL for their PHP web application hosted on AWS.

Rate this post

4 of 5 based on 9938 votes

Comments




© 2024 Hayatsk.info - Personal Blogs Platform. All Rights Reserved.
Create blog  |  Privacy Policy  |  Terms & Conditions  |  Contact Us