How can we block IP in Security Group where we allowed icmp,http,https to all, should not block in vpc also implement role to instance any other solution

0

I am having one web server, particular ip is hitting contiously due to which CPU utilization is more and server is running down time. wants to block the ip in Security Group which is not possible, Iam role and policy but not getting blocked { "Version": "2012-10-17", "Statement": [ { "Effect": "Deny", "Action": "", "Resource": "", "Condition": { "IpAddress": { "aws:SourceIp": "xxxx/32" }, "StringEquals": { "aws:SourceVpc": "vpc-xxxx2ee5fa" } } } ] } Not working with above policy also. also we need icmp,http,https to 0.0.0.0/0

질문됨 3달 전130회 조회
2개 답변
1
수락된 답변

According to me the solution for this is to connect to the EC2 instance and drop the ip using the command #Check for IP tables

sudo iptables -A INPUT -s <IP-ADDRESS-TO-BLOCK> -j DROP

sudo service iptables save

Block an IP using firewalld

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="<IP-ADDRESS-TO-BLOCK>" drop' sudo firewall-cmd --reload

by following above steps we have block the IP tail -f /var/log/httpd/access_log # to check ip status

But if in the security group if AWS allows us to Drop an option in a custom where we can give the required ip i will be easier but this option we cant find.

답변함 3달 전
profile picture
전문가
검토됨 2달 전
0

create a rule in your Network Access Control List to deny traffic from that IP

https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html

답변함 3달 전
  • Thank you. But If we create NACL rule it will be denied for all the instances in that network. Even we cant login to the ec2 tried this solution

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠