search

yyyar / gobetween

:cloud: Modern & minimalistic load balancer for the Сloud era
http://gobetween.io
Other
1.91k stars 210 forks source link

HTTP to HTTPS redirection #300

Closed skakee closed 3 years ago

skakee commented 3 years ago

Can gobetween be setup to reply to all HTTP requests with a redirect to HTTPS of the same URL?

jpic commented 3 years ago

That wouldn't be a very secure way to enforce HTTPS: vulnerable to MITM.

skakee commented 3 years ago

jpic, there might be a misunderstanding here. Redirecting HTTP requests to HTTPS is standard operating procedure (see the site you have listed in your profile, http://yourlabs.org for an example). 


Request URL: http://yourlabs.org/
Request Method: GET
Status Code: 302 Found
Remote Address: 212.83.134.104:80
Referrer Policy: strict-origin-when-cross-origin
Content-Length: 5
Content-Type: text/plain; charset=utf-8
Date: Wed, 07 Oct 2020 14:08:28 GMT
Location: https://yourlabs.org/
illarion commented 3 years ago

Sorry, gobetween is not an http proxy, it works on sockets (l4) layer. What can it do for you is to serve secure connections (any tls protocol including https) for an unsecured backend (e.g. http).