AWS-ELBv2-ELBv2-HTTPS-Only
Severity: High
Description: This control ensures that ELBv2 load balancers listen only on encrypted protocols. Classic Load Balancers can listen on multiple protocols such as TCP, SSL, HTTP, and HTTPS. The use of unencrypted protocols is not recommended.
Remediation Steps:
Perform the following steps to delete a listener from an ELB:
Log in to the AWS Management Console at https://console.aws.amazon.com as root user.
Navigate to the EC2 console.
In the navigation pane, choose Load Balancers.
Select the load balancer.
Go to the Listeners tab and click Edit.
Select all listeners working on unencrypted protocols such as HTTP.
Select Delete.
When prompted for confirmation, choose Yes, Delete.
Important:
Encrypted protocols such as HTTPS and SSL should be used, as they help maintain the confidentiality and integrity of the data.
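The check behind this control, as an added example (not Blue Hexagon's or AWS's code): it reads the JSON returned by `aws elbv2 describe-listeners` and, going beyond the ELBv2 case, by `aws elb describe-load-balancers` for Classic Load Balancers, then reports each unencrypted listener with the delete command from the referenced CLI pages. Treating TLS as encrypted is an assumption, and the sample responses are constructed and trimmed to the fields used.

```python
import shlex

# Assumption: HTTPS and SSL are the encrypted protocols named above; TLS is
# added here as the Network Load Balancer counterpart of SSL.
ENCRYPTED = {"HTTPS", "SSL", "TLS"}

def _unencrypted(listener):
    # Missing or unrecognised protocols fail closed and are reported.
    return str(listener.get("Protocol", "")).upper() not in ENCRYPTED

def elbv2_findings(resp):
    """Check the JSON document returned by `aws elbv2 describe-listeners`."""
    return [
        {"port": l.get("Port"), "protocol": l.get("Protocol", "UNKNOWN"),
         "fix": "aws elbv2 delete-listener --listener-arn "
                + shlex.quote(l["ListenerArn"])}
        for l in resp.get("Listeners", []) if _unencrypted(l)
    ]

def classic_findings(resp):
    """Check the JSON document returned by `aws elb describe-load-balancers`."""
    findings = []
    for lb in resp.get("LoadBalancerDescriptions", []):
        for desc in lb.get("ListenerDescriptions", []):
            lis = desc["Listener"]
            if _unencrypted(lis):
                findings.append({
                    "port": lis["LoadBalancerPort"],
                    "protocol": lis.get("Protocol", "UNKNOWN"),
                    "fix": "aws elb delete-load-balancer-listeners"
                           " --load-balancer-name "
                           + shlex.quote(lb["LoadBalancerName"])
                           + " --load-balancer-ports "
                           + str(int(lis["LoadBalancerPort"]))})
    return findings

# Constructed sample responses (account ID, names and ARNs are placeholders).
ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:listener/app/example/0a1b/"
SAMPLE_V2 = {"Listeners": [
    {"ListenerArn": ARN + "aaaa", "Port": 80, "Protocol": "HTTP"},
    {"ListenerArn": ARN + "bbbb", "Port": 443, "Protocol": "HTTPS"}]}
SAMPLE_CLASSIC = {"LoadBalancerDescriptions": [{
    "LoadBalancerName": "example-classic",
    "ListenerDescriptions": [
        {"Listener": {"Protocol": "TCP", "LoadBalancerPort": 8080}},
        {"Listener": {"Protocol": "SSL", "LoadBalancerPort": 443}}]}]}

if __name__ == "__main__":
    for f in elbv2_findings(SAMPLE_V2) + classic_findings(SAMPLE_CLASSIC):
        print(f"{f['protocol']} on port {f['port']}: {f['fix']}")
```

The printed commands are for review before being run; deleting a listener stops traffic on that port.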
Reference:
Listeners for Your Classic Load Balancer - Elastic Load Balancing
https://docs.aws.amazon.com/cli/latest/reference/elb/delete-load-balancer-listeners.html
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/delete-listener.html
Blue Hexagon Proprietary