We are using traefik as our k8s ingress and a configured it to redirect http requests to https using the following config on helm (additional arguments omitted):
- "--entrypoints.web.http.redirections.entryPoint.to=:443" ## Forward all HTTP traffic to HTTPS
If a request with a malicious host header is made using https, traefik correctly responds with a 404 error. However, for requests using http, traefik returns a redirect response with the location set to whatever is in the Host header. This causes the client to resend the request to that location.
Is there a way to prevent this behavior while using global redirect scheme?