我们正在实现重定向规则以强制我们的流量使用 SSL。我想知道强制所有流量使用 SSL 的最佳方式是什么?我们的架构有一个 CDN(Akamai),它位于 ELB 之前,位于我们的 Web 应用程序服务器(tomcat)之前。
最佳答案
来自 https://serverfault.com/a/887312/92022 :
Do it in Akamai. The closer to the edge your redirect takes place, the faster the request response time will be for your users.
https://blogs.akamai.com/2016/02/redirecting-on-the-edge.html
If you're confident that you can serve your entire domain over HTTPS now and into the future then you should also look into enabling HSTS. This will mean only first time visitors ever get the HTTP->HTTPS redirect, then the HSTS header gets cached in the browser and thereafter all requests are automatically upgraded to HTTPS by the browser before the request is initiated.
关于tomcat - 在 CDN、Web 服务器或代码级别在我的网站上强制使用 SSL 是否最佳?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47637475/