How can we block IP in Security Group where we allowed icmp,http,https to all, should not block in vpc also implement role to instance any other solution

0

I am having one web server, particular ip is hitting contiously due to which CPU utilization is more and server is running down time. wants to block the ip in Security Group which is not possible, Iam role and policy but not getting blocked { "Version": "2012-10-17", "Statement": [ { "Effect": "Deny", "Action": "", "Resource": "", "Condition": { "IpAddress": { "aws:SourceIp": "xxxx/32" }, "StringEquals": { "aws:SourceVpc": "vpc-xxxx2ee5fa" } } } ] } Not working with above policy also. also we need icmp,http,https to 0.0.0.0/0

質問済み 3ヶ月前120ビュー
2回答
1
承認された回答

According to me the solution for this is to connect to the EC2 instance and drop the ip using the command #Check for IP tables

sudo iptables -A INPUT -s <IP-ADDRESS-TO-BLOCK> -j DROP

sudo service iptables save

Block an IP using firewalld

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="<IP-ADDRESS-TO-BLOCK>" drop' sudo firewall-cmd --reload

by following above steps we have block the IP tail -f /var/log/httpd/access_log # to check ip status

But if in the security group if AWS allows us to Drop an option in a custom where we can give the required ip i will be easier but this option we cant find.

回答済み 3ヶ月前
profile picture
エキスパート
レビュー済み 2ヶ月前
0

create a rule in your Network Access Control List to deny traffic from that IP

https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html

回答済み 3ヶ月前
  • Thank you. But If we create NACL rule it will be denied for all the instances in that network. Even we cant login to the ec2 tried this solution

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ