Q. How do I block a specific IP when I use AWS?
A. Introduce how you can use it in a general context.
1. How to block specific IPs
Client IP remains in the Request header with the keyword x-forwarded_for.
You can set Log Format to capture this and leave it in the Access Log area.
Add the LogFormat setting in httpd.conf / nginx.conf as follows :
2. For Classic Load Balancer
For CLB, you must enable support for Proxy Protocol.
Please refer to the link below for more information.
Reference link : https://docs.aws.amazon.com/ko_kr/elasticloadbalancing/latest/classic/enable-proxy-protocol.html
3. Subsequent Troubled IP
Subsequent Troubled IPs can be blocked using WAF.
Create ACLs -> Register IP Address in IP Condition -> Set prevention policy rule in Rules
-> Select a rule to apply block.
The above information has been guided based on the use of LB.
In some cases, you can replace LB with HAProxy to use Proxy Protocol.
However, aws does not recommend this, and it is necessary to perform unnecessary work on the current configuration, so not recommend it.
This document is based on February 2020.
Please leave a comment if document needs an update.
If you need additional support, please contact us at firstname.lastname@example.org and we will kindly guide you.
Thank you very much.