I have and ASP.NET MVC application hosted under IIS on a EC2 Instance.
I can access the application without any problems through the EC2 DNS once I set the proper binding in IIS
http - EC2 DNS - port 80
But if I add an Elastic Load Balancer and then I try to access that web application through the Load Balancer DNS the only way I can get it working is by adding an empty binding in IIS
"empty host name for http:80"
But this can't be ok.
If I don't add this the ELB sees my instance as unhealthy and when I access the ELB DNS I just get a HTTP 503 Service Unavailable.
The EC2 instance is in a Auto Scaling group.
I've tried modifying the security group of that instance from allowing all IPs for HTTP:80 to only allowing the Load Balancer Ip (amazon-elb/amazon-elb-sg)
Any ideas what I'm doing wrong?
Thanks
I am running several IIS servers behind ELB. Here are things that you need to ensure:
The ELB security group is allowed to accept port 80 traffic from anywhere (0.0.0.0/0)
The ELB security group is allowed to send outbound port 80 traffic to your EC2 instance where IIS is running. This point was valid for the ELBs that are set inside VPC. Hence please ignore this.
The EC2 security group of the EC2 instance where you have IIS running, should be allowed to accept port 80 traffic from the Load Balancer.
If this whole set-up is in VPC then there are few other things you need to check. so let us know if this is the case
No configuration changes on IIS are needed for sure.
Related
I have set up a fleet of Ec2 servers in a autoscaling group that has NGINX serving SSL certificates of multiple domains. But the issue is when I add the loadblancer url as the CNAME I get a ERR_TOO_MANY_REDIRECTS error whereas if I add the IP of one of the server as A record for a domain it works as expected. Not sure what to do in this case so any help will be greatly appreciated
Currently, I am working on a Wordpress application and I am using AWS hosting. My domain is in GoDaddy.com and I have deployed the application in elastic beanstalk. I have created load balancer and also I need to run the application through HTTPS.
I have done my research and I think I found the right way, but it's not working for HTTPS. when I browse on HTTP on port 80, it runs well. Now I am helpless.
Here's what I have done so far:
1) I created a hosted zone on AWS Route 53 for the domain named "example.com". There are two records are created, NS and SOA.
2) Then, in GoDaddy, I added NS records from AWS as Custom Nameservers.
3) After that, I created A record for the domain in the AWS hosted zone, set ALIAS targeted to the Load Balancer of the Elastic Beanstalk environment.
4) Then, I changed the SITE URL from the wp_options table the wordpress application database.
After doing up to this, my application was running in HTTP. But as I want to change it to HTTPS. So,
1) I requested a certificate from AWS Certificate Manager and created CNAME (provided by ACM after requesting certificate) record in the hosted zone.
2) After the certificate is issued, I edited the listener from EC2 >> Load Balancer >> Listener and changed the protocol from HTTP to HTTPS and also allowed port on Security groups.
3) Also, I changed, the SITE URL from WordPress database and changed it from "http://example.com" to "https://example.com" but it was not working.
4) So I went to Elastic Beanstalk >> Configuration >> Load Balancer and added listener. After the environment is saved and restarted, still, the site was not running on HTTPS [ HTTP 408 ERROR IS SHOWN ]. But if I change SITE URL to "http://example.com", it works
I have found a solution, which says to use RedirectURL and set it to server config but I don't want to do that.
I also found this solution which suggest to Export Zone File and import it to AWS hosted zone. But whenever I click Export Zone File(Unix), the file downloaded is shown empty. I tried this for other accounts, still, this problem exists. So I did not do that.
Sorry for the long story, but I really need this help.
I have solved the issue.
In my load balancer port configuration, I previously set load Balancer port 443 and instance 443. here what I need to do is to call the load balancer on port 443 and backend make the backend call on port 80 and enable https on WordPress.
So I kept load balancer port 443 and changed the instance port to 80. After that, on the browser, there was too many redirects error shown. So then what I needed to do is that add $_SERVER['HTTPS'] = 'on' on wp-config. And then everything was running smoothly.
I hope this will help if some
I've set up a load balancer using ARR on my server. I have two content servers that are hosting the web application and its API. Individually I am able to access the websites.
I've added the servers to a new Server Farm, I've given it a name as well.
Now, here comes the catch.
I don't have a DNS assigned to the server IP.
I'm not sure how to access the web sites through the load balancer. Is there a port on the server on which the farm works? or a URL?
I have a Django app deployed on AWS Elastic Beanstalk. Django is configured to only serve requests that comes for a specific hostname (ALLOWED_HOSTS). If the host information in the request doesn't match, it will raise return 500 response code, that is fine.
But, I have noticed that I get quite many of those, either sending requests vis IP address, or via other domain names. So, I would like to configure the setup so that the load balancer rejects the request if it doesn't have the proper hostname in the header information.
Is this possible to do? I have been trying to go over settings in the AWS Console, but cannot find any information how to do this. I could patch the EC2 instances to reject those request so it doesn't reach Django at all, but I would like to stop it as early as possible.
Flow now:
Client -> Load Balancer -> EC2 instance -> Nginx -> Django
<-500 error- Django
What I want:
Client -> Load Balancer
<-reject- Load Balancer
Elastic Load Balancer cannot be configured to filter out requests.
If your allowed connections are based on IP address, then you can use VPC ACLs to allow only connections from certain IP addresses. All others will receive failed connections at the ELB level.
If your allowed connections are not based on IP address you can take a look at CloudFront in combination with Amazon Web Application Firewall (WAF).
WAF can be configured to filter at the web request level by IP address, URL, query string, headers, etc.
I am a beginner and trying to send http requests through elastic load balancer. Could anybody explain briefly about the steps that I need?
set up Elastic Load Balancer A
get DNS of the Elastic Load Balancer A
register EC2 instances to the Elastic Load Balancer A
send traffic to the DNS of Elastic Load Balancer A
But I have no idea what kind of configuration or set up I need to put in the EC2 instances that are to be attached to this Elastic Load Balancer A. Do I need to set up Listener? If so, how do I set this?
I just want to send http request under the ip of EC2s and Elastic Load Balancer A so that I get different IPs assigned to each requests.
Thanks a lot!
By default, Amazon EC2 instances behind an Elastic Load Balancer serve traffic on port 80 (HTTP). When creating the Load Balancer, you can configure which ports should receive traffic (80, 442, 1024+).
Think of it this way... The Load Balancer simply sits "in front" of the EC2 instances. If a user was to go directly to your EC2 instance directly (eg enter its IP Address in a web browser), they should see a website. Going to the Load Balancer does the same thing, but it distributes the requests amongst multiple EC2 instances.
So, in most cases, it's just a matter of running a web server or app on your EC2 instance running on port 80.