While using Amazon Web Services with their Elastic Load Balancer offering, I recently discovered that the load balancers can now be accessed directly by a public IP address. This can cause major problems with Google with it comes to duplicate content and has the potential to ruin your rankings for your main domain in favor of this public IP address.

This morning I woke to an email from a reliable friend who had found that my entire site had been indexed by Google using a strange IP address that I had never seen before, we’ll call it 123.123.321.567. My first instinct was to assume someone had copied the site and had it hosted from an IP address instead of a domain name - a simple trace route helped me discover that this was not the case. It was, in fact, coming from my load balancer. So my next steps were to log in to the EC2 Management Console and take a look at my currently allocated Elastic IP Addresses… but 123.123.321.567 IP wasn’t there. After some serious digging I found that if you open up the Network Interfaces menu, click on your load balancer and look in the details you will find this Public IP address with a strange asterisk after it.

Strange, huh? When I set up this load balancer for the first time I don’t recall this ever being there, only the private IP. Either way, it’s there and people can type that in to a browser and access your site. Even worse, if you have a site that dynamically generates links based on the current URL, your canonical URL could reflect this IP address too. Anyway, enough with the consequences - let’s get on to the solution.

The solution is fairly simple, edit your server configuration file to redirect all traffic from that IP address to your domain. Generally I use nginx but this is another occasion where I’m using Apache, so, this is the solution for Apache. Assuming you’re using Ubuntu, just stick this in your virtual host file located in the /etc/apache2/sites-available/ directory.

RewriteEngine On
RewriteCond %{HTTP_HOST} 123.123.321.567
RewriteRule ^(.*)$ http://www.domain.com$1 [R=301,L]

I would also recommend setting up similar redirects for the servers behind your load balancer if you don’t have security group rules denying non-load balancer traffic to them.