All geek questions in one place

Static IP for external API

I need to use an external web API for my site, and they ask me what the IP address will be, where the requests will come from. The fact is, my web application scales to multiple instances of Amazon EC2, as it is deployed using Elastic Beanstalk with automatic scaling.

What would be the best solution to the problem?

The best I can think of is to create a micro-instance, bind Elastic IP to it and use it as an HTTP proxy. Is there a better solution?

I am sure that I am not the only one who has this problem, but I could not find another question like mine in stackoverflow. Many e-commerce websites typically use an external payment system that requires requests to come from one or more specific IP addresses ...

Thanks.

Update - thanks to @David, I installed the HTTP proxy using the Apache mod_proxy module. How to configure it so that only my EC2 instances can access it? My EC2 instances are dynamically created with auto-scaling.

ProxyRequests On <Proxy *> Order deny,allow Deny from all Allow from ??? </Proxy>
+4
source share
3 answers

Just use a proxy (forward), Apache2 can do this. By default, the request will come from the IP address of the proxy server (if the service looks at "REMOTE_ADDR"). Some proxies add "HTTP_X_FORWARD_FOR" to indicate the true IP address of the client on which the request was made, but I doubt that your service will verify this.

+2
source

Configure a virtual private cloud (VPC) to isolate IP instances to network 24, then use AWS security groups to isolate access only to your EC2 instances.

+1
source

I would use Nginx as a reverse proxy instead of Apache, because Nginx is smaller and matters, so it can handle more traffic. See this blog post for more details: http://readystate4.com/2012/07/08/nginx-the-non-blocking-model-and-why-apache-sucks/

0
source

Source: https://habr.com/ru/post/1411092/

More articles:


All Articles