How to configure AWS ELB to block specific IP addresses? (famous spammers)

I am looking for a way to drop connections from known spam IP addresses on Amazon Elastic Load Balancer (ELB).

I am currently doing this at the web server level (multiple instances working for ELB), but I wonder if there is a way to do this on ELB. That way, I can avoid setting up every instance of the web server for this.

I usually pull the list from Spamhaus.org every day and update the configuration of my web server.

+7
amazon-web-services amazon-elb spam-prevention spam
2 answers

I would try to use VPC ACLs for this. First of all, ELBs within VPCs can use Security Groups, but they only specify the traffic that you allow to and from ELBs. In fact, for blocking traffic coming from a specific IP address, the ACL will be the best option.

To do this, you need to use a pair of public (Internet-facing) and internal ELBs, with the internal ELB protected by subnet ACL DENY rules.

+7
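An added example, not part of the answer above and not AWS's own code: it turns a daily blocklist into inbound network ACL DENY entries, keyed like the parameters of boto3's `create_network_acl_entry`, collapsing adjacent CIDRs and numbering the DENY rules below the ALLOW rule because ACL rules are evaluated in ascending rule-number order. Assumptions: the list is one CIDR per line with `;` comments, the existing ALLOW rule sits at number 1000, the ACL has a default quota of 20 inbound rules, and `acl-EXAMPLE` is a placeholder id; the sample list is constructed from documentation ranges.

```python
import ipaddress

# Constructed sample in the "CIDR ; comment" layout assumed for the daily list.
SAMPLE_LIST = """\
; constructed sample, documentation ranges only
192.0.2.0/24 ; SBL-EXAMPLE-1
198.51.100.0/25 ; SBL-EXAMPLE-2
198.51.100.128/25 ; SBL-EXAMPLE-3
203.0.113.7
not-a-cidr
"""

MAX_DENY_RULES = 19       # assumption: quota of 20 inbound rules, one kept for ALLOW
ALLOW_RULE_NUMBER = 1000  # assumption: the existing ALLOW entry uses this number


def parse_blocklist(text):
    """Return collapsed IPv4 networks plus the lines that failed validation."""
    nets, rejected = [], []
    for raw in text.splitlines():
        entry = raw.split(";", 1)[0].strip()  # drop trailing comment
        if not entry:
            continue
        try:
            nets.append(ipaddress.IPv4Network(entry, strict=True))
        except ValueError:
            rejected.append(raw)  # never push unvalidated text into an ACL
    return list(ipaddress.collapse_addresses(nets)), rejected


def build_deny_entries(nets, acl_id, first_rule=100, step=10):
    """Build inbound DENY entries that are evaluated before the ALLOW rule."""
    if len(nets) > MAX_DENY_RULES:
        raise ValueError(f"{len(nets)} networks exceed the {MAX_DENY_RULES}-rule budget")
    entries = []
    for i, net in enumerate(nets):
        number = first_rule + i * step
        if number >= ALLOW_RULE_NUMBER:
            raise ValueError("DENY rule would be evaluated after the ALLOW rule")
        entries.append({"NetworkAclId": acl_id, "RuleNumber": number, "Protocol": "-1",
                        "RuleAction": "deny", "Egress": False, "CidrBlock": str(net)})
    return entries


if __name__ == "__main__":
    networks, bad = parse_blocklist(SAMPLE_LIST)
    for entry in build_deny_entries(networks, "acl-EXAMPLE"):  # placeholder ACL id
        print(entry)
    print("rejected lines:", bad)
```

The rule budget is the practical limit here: a full daily blocklist will not fit in one network ACL, so the function fails loudly instead of silently truncating the list.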

You cannot do this from an ELB that is not created inside the VPC (as of the date of this answer). If inside a VPC, check the other answers. If not, you can switch to something more manageable, like HAProxy, or place CloudFlare (https://www.cloudflare.com/) in front of your ELB, which is probably the best option.

+1