Disable AWS ELB health check

We were also having a transient "boxes fail health checks for no good reason" problem and from working with Amazon support it turns out there is an interaction between the ELBs and the Apache KeepaliveTimeout. If the health check interval is larger than the timeout then the healch checker can try to reuse a bad connection and it fails the test and tosses your instance out of the ELB. They called our 60 second interval "unusually long." We're messing with it now but try setting your interval low and matching it with the keepalive setting in Apache.

This question has been asked on the AWS forums and the answer was to set up a default vhost that handles traffic on the bare IP address and doesn't do any redirects. This will mean that normal users who hit your IP address will not be redirected either.

You could alternatively specify the path part of the URL that you want the ELB to request and ignore that path by adding another RewriteCond:

RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteCond %{REQUEST_URI} !^/health-check$
RewriteRule ^ http://www.example.com/$1 [R=301,L]

Normal users who hit that URL will not be redirected.

You could also use the same technique to detect the User-Agent of the ELB.

RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteCond %{HTTP_USER_AGENT} !^ELB-HealthChecker
RewriteRule ^ http://www.example.com/$1 [R=301,L]

Normal users who spoof their User-Agent will not be redirected.

Or the internal IP address of the ELB.

RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteCond %{REMOTE_ADDR} !^10\.
RewriteRule ^ http://www.example.com/$1 [R=301,L]

For this option to work, you will require either mod_rpaf (for Apache 2.2) or mod_remoteip (for Apache 2.4) to modify the REMOTE_ADDR variable to contain the correct part of the contents of the X-Forwarded-For header. As long as you set that up correctly, it shouldn't be possible for a normal user to avoid the redirect response.