peppeocchi/laravel-elb-middleware

Laravel middleware for Elastic Beanstalk

v3.0 2019-07-05 07:43 UTC

README

This middleware ensures that your Laravel app correctly recognises secure requests when running on Elastic Beanstalk behind a Load Balancer. NOTE: make sure your web server is not publicly accessible and that only the Load Balancer has access to it (you can manage that through AWS security groups).

There is also a gist that does the exact same thing.

Installation

You can install this middleware through Composer

composer require peppeocchi/laravel-elb-middleware

Usage

The simplest way to use the middleware is to add it as a global middleware in app/Http/Kernel.php

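<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
        // Read the load balancer's X-Forwarded-* headers so isSecure() is correct
        \GO\ElasticBeanstalkHttps::class,
    ];

    // ... the rest of the kernel is unchanged
}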

but you are free to add it to a middleware group or directly into your controllers.

TL;DR

On Elastic Beanstalk (with a load balancer), all the requests are being "proxied" to port 80. The load balancer will add the x-forwarded-* headers to the request.

Laravel Request inherits from Symfony\Component\HttpFoundation\Request, so it already supports the x-forwarded-* headers, but it needs to be configured to look at those headers or you are going to get incorrect information about the request (e.g. $request->isSecure() will always return false).

Amazon ELB doesn't have a static IP or a range to target, so you'll need to trust all proxies. Of course, you need to make sure your web server will respond only to the load balancer.
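What the TL;DR describes, written out as an added example (not this package's own code): a middleware that trusts the direct peer for the AWS ELB header set, with an optional CIDR allowlist as a second check behind the security group. The class name TrustLoadBalancer, the $allowedCidrs property and the sample subnets in the comment are assumptions made for illustration.

```php
<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\IpUtils;

// Added example, not the package's code. Class and property names are hypothetical.
class TrustLoadBalancer
{
    /**
     * Optional allowlist of networks the load balancer nodes live in,
     * e.g. ['10.0.1.0/24', '10.0.2.0/24'] (constructed sample values).
     * Leave empty to trust all proxies, as described in the TL;DR.
     *
     * @var string[]
     */
    protected $allowedCidrs = [];

    public function handle(Request $request, Closure $next)
    {
        // Address of the direct TCP peer. When only the load balancer can
        // reach the web server, this is always a load balancer node.
        $peer = $request->server->get('REMOTE_ADDR');

        $peerAllowed = $peer !== null
            && ($this->allowedCidrs === [] || IpUtils::checkIp($peer, $this->allowedCidrs));

        if ($peerAllowed) {
            // Trust this peer only, and only the headers an AWS load balancer
            // sets: X-Forwarded-For, X-Forwarded-Proto and X-Forwarded-Port.
            // X-Forwarded-Host is not part of this header set.
            Request::setTrustedProxies([$peer], Request::HEADER_X_FORWARDED_AWS_ELB);
        }

        // From here on, isSecure(), getClientIp() and getPort() read the
        // forwarded values when the peer was trusted above. For any other
        // peer the x-forwarded-* headers are ignored.
        return $next($request);
    }
}
```

With an empty allowlist, a client that reaches the web server directly can send its own X-Forwarded-Proto and X-Forwarded-For, which is why the security group restriction above matters.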

Read also

Symfony documentation