Configure non-standard HTTP headers - Server Load Balancer

This topic describes the non-standard HTTP headers supported by Application Load Balancer (ALB) and how to add a non-standard HTTP header to a listener. You can customize the non-standard headers to implement features.

Non-standard HTTP headers supported by ALB

An HTTP header is a part of an HTTP request or response and carries additional information about the request or response. You can configure non-standard HTTP headers on a browser or a web server based on your business requirements. The following table describes the non-standard HTTP headers supported by ALB.

Header	Description	Listener protocol
X-Forwarded-For	Listeners can use the `X-Forwarded-For` header to obtain client IP addresses. Format: `X-Forwarded-For: <client-ip-address>, <proxy1>, <proxy2>, …` `X-Forwarded-For` is enabled for ALB listeners by default. For more information about how to enable ALB to preserve client IP addresses, see Enable ALB to preserve client IP addresses.	HTTP HTTPS
SLB-ID	Listeners can use the `SLB-ID` to obtain ALB instance IDs.	HTTP HTTPS QUIC
X-Forwarded-Proto	Listeners can use the `X-Forwarded-Proto` header to obtain the protocol between the client and the listener. This way, applications can identify the protocol in the `X-Forwarded-Proto` header and perform redirects. Format: `X-Forwarded-Proto: <originatingProtocol>`	HTTP HTTPS QUIC
X-Forwarded-Port	Listeners can use the `X-Forwarded-Port` header to obtain the port over which the client and the listener communicate. Format: `X-Forwarded-Port: <port>`	HTTP HTTPS QUIC
X-Forwarded-Clientcert-subjectdn	Listeners can use the `X-Forwarded-Clientcert-subjectdn` header to obtain the information about the client certificate owner. To use this header, you must specify a name for the custom header.	HTTPS
X-Forwarded-Clientcert-issuerdn	Listeners can use the `X-Forwarded-Clientcert-issuerdn` header to obtain the information about the client certificate authority. To use this header, you must specify a name for the custom header.	HTTPS
X-Forwarded-Clientcert-fingerprint	Listeners can use the `X-Forwarded-Clientcert-fingerprint` header to obtain the fingerprint value of the client certificate. To use this header, you must specify a name for the custom header.	HTTPS
X-Forwarded-Clientcert-clientverify	Listeners can use the `X-Forwarded-Clientcert-clientverify` header to obtain the authentication result of the client certificate. To use this header, you must specify a name for the custom header.	HTTPS
X-Forwarded-Client-srcport	Listeners can use the `X-Forwarded-Client-srcport` to obtain the client port. Format: `X-Forwarded-Client-srcport: <port>`	HTTP HTTPS

Add HTTP headers in the console

Add an HTTP header when you create a listener

Log on to the ALB console.
In the top navigation bar, select the region in which the ALB instance is deployed.
Use one of the following methods to open the listener configuration wizard:
- On the Instances page, find the ALB instance that you want to manage and click Create Listener in the Actions column.
- On the Instances page, click the ID of the ALB instance that you want to manage. On the Listener tab, click Create Listener.

In the Configure Listener step, configure the following parameters and click Next.

Parameter	Description
Listener Protocol	Select a listener protocol.
Advanced Settings	You can click Modify to configure the advanced settings.
Custom HTTP Header	Select the HTTP headers that you want to add.

Note

For more information about other parameters, see the following topics:

Complete the configurations as prompted.

Add an HTTP header to an existing listener

Log on to the ALB console.
In the top navigation bar, select the region in which the ALB instance is deployed.
On the Instances page, click the ID of the ALB instance that you want to manage.
Click the Listener tab, find the listener that you want to manage and choose Modify Listener in the Actions column.
In the Modify Listener dialog box, click Modify on the right side of Advanced Settings.
In the Custom HTTP Header section, add or remove HTTP headers and click Save.

Add HTTP headers by making API calls

You can specify the headers that you want to add when you call the API to create a listener. When you call the API to add, keep, or remove headers for an existing listener.

To add an HTTP header when you create a listener, set the XForwardedForConfig parameter when you call the CreateListener operation.
To manage the HTTP headers of an existing listener, modify the XForwardedForConfig parameter when you call the UpdateListenerAttribute operation.

References

Console operations

For more information about how to enable ALB to forward HTTP requests, see Add an HTTP listener.
For more information about how to enable ALB to forward HTTPS requests, see Add an HTTPS listener.
For more information about how to enable ALB to forward QUIC requests, see Add a QUIC listener.

API references

CreateListener: Creates an HTTP, HTTPS, or QUIC listener. You can set the XForwardedForConfig parameter in the request to add HTTP headers.
UpdateListenerAttribute: Modifies the configurations of a listener. You can modify the XForwardedForConfig parameter in the request to add, keep, or removes HTTP headers.