I've a tomcat running along with the apache2 on Amazon AMI. Till now all of my users were accessing my webapp by putting port number 8080 in url and then tomcat does auto-redirection to 8443.
But now I want all my users to access my app from 80/443, so I've configured ssl on apache to forward all the request on port 80 to 443 and 443 forwards to port 8080. Everything works well.
The problem is all my existing user's browser address bar have port number 8443 in url as an autocomplete and users are almost likely to hit that url only. So I want to put-in configuration that will redirect all 8080/8443 traffic to port 80.
I tried installing iptables-services but could not understand it properly. I also have a doubt whether it will just end up in endless redirection loop, port 8080->80->8080. So please suggest me a way to handle this more appropriately.
Best Answer
You can reconfigure Tomcat to listen on some other port, e.g. 8088 and then configure Apache:
Any traffic on your http://example.com, http://example.com:8080 and https://example.com:8443 redirect to https://example.com (ie port 443). These won't be passed through to your Tomcat.
Only pass through traffic from https://example.com (ie port 443) to Tomcat port 8088.
That will solve your redirects as well as makes using SSL mandatory.
Alternatively you can do all the above with AWS Application Load Balancer - it can do the redirects, SSL termination and only the SSL traffic from port 443 pass through to your Tomcat. The added benefit is that you can use Amazon Certificate Manager to manage and renew your SSL certificates.
Hope that helps :)