search

not-kennethreitz / flask-sslify

Force SSL on your Flask app.
https://pypi.python.org/pypi/Flask-SSLify
BSD 2-Clause "Simplified" License
504 stars 85 forks source link

Terminate SSL at Elastic Load Balancer or Flask App with SSLify? #34

Closed vfr292 closed 9 years ago

vfr292 commented 9 years ago

Hi,

This isn't a problem with SSLify. It is a design decision I'm faced with, but not one for which I have any experience.

I'm building a secure website on Amazon Elastic Beanstalk and have the option to terminate the SSL connection at the Elastic Load Balancer (and pass un-encrypted data over the amazon network to my app) or have the Elastic Load Balancer pass the encrypted data to my app.

I don't know the pro and cons of either approach, do you by chance have any advice? If not, any suggestions about where I should turn?

Thank you so much!

~Victor

vfr292 commented 9 years ago

Hi,

After some tinkering terminating the secure connection at the ELB is the approach recommended by AWS. Flask-SSLify works great behind the elastic load balancer (ELB)! The ELB includes a "X-Forwarded-Proto: https" header when receiving an https request which Flask-SSLify recognizes and does not issue a redirect.

Thank you for the great library!

~Victor