I force all traffic to use https. It is much simpler to do the redirect at the application layer but it should really be done at the proxy before hitting the application. Here is the eb.config I use:
Note: This CANNOT be done with just one line in container_commands as the bootstrap script doesn’t like the escaped slashes in the return statement; it will error.
files: /tmp/deployment/nginx_https_redirect.sh: mode: "000755" content: | sed -i 's/8080;/8080;\n if ($http_x_forwarded_proto != https) {\n return 301 https:\/\/$http_host$request_uri;\n }/' /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf container_commands: nginx_https_redirect: command: "/tmp/deployment/nginx_https_redirect.sh"