0
votes

I'm trying to set up a CloudFront -> Application Elastic Load Balancer -> Auto Scaling -> EC2 stack on AWS.

Everything works until it scales to more than 1 EC2 instance, which then causes a redirect loop with the error message "Too many redirects".

Here are the related settings:

  1. I've enabled an ACM SSL certificate and attached it to the CloudFront distribution.

  2. DNS is pointed to the CloudFront domain name.

  3. CloudFront 'Origin Protocol Policy' = HTTP Only

  4. ELB Listener 1 = HTTP:80 redirects to HTTPS:443; ELB Listener 2 = HTTPS:443 forwards to the target group of 2 EC2 instances

  5. .htaccess

    RewriteEngine On
    RewriteCond %{ENV:REDIRECT_STATUS} ^$
    RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
    RedirectMatch 302 ^/$ /app.php/

Please help me solve this redirect loop and explain why the current settings are not working.

Any time you spend on this is highly appreciated.

2
@MarkB Each EC2 uses the same launch template. We don't create them manually. - Andre Van Veen

2 Answers

0
votes

You appear to be using both mod_rewrite and RedirectMatch to perform two different redirects:

This appears to redirect any request starting with app.php to the base website URL:

    RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]

This appears to be redirecting any request to / coming in to /app.php/:

    RedirectMatch 302 ^/$ /app.php/

These rules seem to be in direct conflict with one another. If you try to request either the root website path /, or /app.php, you are going to get into a redirect loop.

This condition tells Apache to track redirects internally in order to prevent a redirect loop:

    RewriteCond %{ENV:REDIRECT_STATUS} ^$

However, that only works as long as you have one server. When you have multiple load-balanced servers, they can't track if a redirect has been issued by another server in the pool.

I suggest taking a look at these redirect rules and only using one of them depending on what your specific needs are.
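The interaction between the two rules quoted in this answer can be checked offline with a small model. This is an added example, not code from the post, and it does not run Apache: it assumes %{ENV:BASE} is empty and that the RewriteCond is satisfied on every request the client sends, and the helper names respond and follow are hypothetical.

```python
import re

# Constructed model of the two .htaccess rules quoted above.
# Assumptions: %{ENV:BASE} is empty, and the RewriteCond on REDIRECT_STATUS
# is satisfied for every request the client sends.
BASE = ""
# mod_rewrite in .htaccess matches the path without its leading slash.
REWRITE_RULE = re.compile(r"^app\.php(?:/(.*)|$)")
# mod_alias RedirectMatch matches the full URL path.
REDIRECT_MATCH = re.compile(r"^/$")


def respond(path, use_rewrite=True, use_redirect_match=True):
    """Return (status, location) for one request; location is None for a 200."""
    if use_rewrite:
        m = REWRITE_RULE.match(path.removeprefix("/"))
        if m:
            return 301, f"{BASE}/{m.group(1) or ''}"
    if use_redirect_match and REDIRECT_MATCH.match(path):
        return 302, "/app.php/"
    return 200, None


def follow(path, max_hops=20, **rules):
    """Follow redirects the way a browser would; return (chain, looped)."""
    chain, seen = [path], {path}
    for _ in range(max_hops):
        _status, location = respond(path, **rules)
        if location is None:
            return chain, False          # reached a non-redirect response
        chain.append(location)
        if location in seen:
            return chain, True           # revisited a URL: redirect loop
        seen.add(location)
        path = location
    return chain, True                   # hop limit hit, treat as a loop


if __name__ == "__main__":
    for start, rules in [
        ("/", {}),
        ("/app.php", {}),
        ("/", {"use_rewrite": False}),
        ("/app.php/blog", {"use_redirect_match": False}),
    ]:
        chain, looped = follow(start, **rules)
        print(rules or "both rules", " -> ".join(chain), "LOOP" if looped else "ok")
```

With both rules active, / and /app.php bounce between each other; with either rule disabled, the chain ends after one redirect.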

0
votes

I was able to resolve this, temporarily, with Mark B's answer.

"You didn't include any info about logging in and user sessions in your question. For the short term, I would enable sticky sessions on the load balancer. Long term I would look into a distributed session store." – Mark B