Buzz Moschetti
Reputation: 7578
AWS EC2 deny http/https access to specific IPs via CLI
Periodic review of ssl_access https logs reveals more than a few pesky vulnerability probers out there. I wish to specifically block these inbound IPs in a programmatic way, e.g. aws ec2 authorize-security-group-ingress or similar. There is plenty of material describing how to restrict access to a few known IPs but I cannot seem to find anything that describes permitting all except a handful (perhaps a dozen or so).
Upvotes: 0
Views: 100
Answers (1)
Mark B
Reputation: 200562
You can't do that with security groups. Your options are:
- AWS Network ACLs
- AWS Web Application Firewall
- Use something on your EC2 instance like fail2ban
Upvotes: 1
Related Questions
- security group aws specific ip http/https blocks everything
- How to whitelist AWS IP-Range in an EC2 security group?
- Restrict aws api access to a particular ip
- How to whitelist certain IP addresses to grant access to EC2 instances?
- How can i customised outbound rules of ec2 instance for particular IP's
- AWS CLI to restrict inbound connections from a dynamic IP
- Allow only AWS Specific HTTP and HTTPS request from security group
- Limiting IPs with ACL rules in AWS
- Restrict the access to aws instance from specific IP
- EC2: Allowing multiple IPs for a security group rule