
Blocking Amazon AWS servers from Rails 4 application?

I have a Rails 4 application running on Heroku with exception_notification. I was notified that an AWS server was fishing for a login page by trying to access /wp-login.php. Since that is not my app's login page, someone had to manually enter that URL. Tracking the IP shows an Amazon AWS server in Oregon.

There shouldn't be any reason why someone would ever access my app via an AWS server, so my initial thought is someone is trying to get into the application.

In order to avoid any potential attack, I'm thinking about blocking all Amazon AWS requests.

Is there any way to blacklist Amazon AWS servers specifically? The only thing I can think of is checking the IP address of every request and ignoring those coming from a list I keep of Amazon, but I'm not sure if there is an official listing of Amazon IP addresses.

But checking the IP of every request against a blacklist seems inefficient. I'm aware of the rack-attack gem, but that is still running Ruby code to do the check, which doesn't seem very fast...

Blocking all AWS IPs is not a good solution. Potentially, the traffic can come from any part of the world. How are you going to block the traffic? Instead you should make your application robust.

There is an official listing of AWS IP addresses: AWS IP Address Ranges

If you are 100% sure that the traffic is originating from AWS (remember there are many AWS regions), then you can block them using iptables. One such solution is: AWS Blocker

Blocking all AWS IPs is not a good solution.
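An added example, not part of the original question or answers: a lookup over data shaped like AWS's published ip-ranges.json, showing that a per-request range check can be one binary search rather than a scan of every prefix. The class name `AwsRangeIndex`, the constant names and the sample prefixes (documentation ranges, not real AWS ranges) are assumptions made for illustration.

```ruby
require "json"
require "ipaddr"

# Constructed sample in the layout of AWS's published ip-ranges.json.
# Prefixes are RFC 5737 documentation ranges, not real AWS ranges.
SAMPLE_RANGES_JSON = <<~JSON
  {"syncToken": "0", "createDate": "1970-01-01-00-00-00", "prefixes": [
    {"ip_prefix": "198.51.100.0/24",  "region": "us-west-2", "service": "AMAZON"},
    {"ip_prefix": "198.51.100.64/26", "region": "us-west-2", "service": "EC2"},
    {"ip_prefix": "203.0.113.0/24",   "region": "eu-west-1", "service": "EC2"}
  ]}
JSON

# Hypothetical helper (not from rack-attack or AWS): stores IPv4 prefixes as
# sorted, merged integer ranges so a lookup is one binary search.
class AwsRangeIndex
  def initialize(json, region: nil)
    entries = JSON.parse(json).fetch("prefixes")
    entries = entries.select { |e| e["region"] == region } if region
    spans = entries.map do |e|
      r = IPAddr.new(e.fetch("ip_prefix")).to_range
      [r.begin.to_i, r.end.to_i]
    end
    # The published list repeats and nests prefixes (a service-specific block
    # inside a broader one), so merge overlaps before searching.
    @ranges = spans.sort.each_with_object([]) do |(first, last), merged|
      if merged.any? && first <= merged.last[1] + 1
        merged.last[1] = [merged.last[1], last].max
      else
        merged << [first, last]
      end
    end
  end

  # True when the address falls inside a listed prefix; false for anything
  # else, including malformed input and IPv6 (IPv4-only example).
  def include?(ip)
    addr = IPAddr.new(ip.to_s)
    return false unless addr.ipv4?
    n = addr.to_i
    after = @ranges.bsearch_index { |first, _| first > n } || @ranges.size
    after > 0 && n <= @ranges[after - 1][1]
  rescue IPAddr::Error
    false
  end
end

AWS_INDEX = AwsRangeIndex.new(SAMPLE_RANGES_JSON)
```

Passing `region: "us-west-2"` narrows the index to a single region, which matters because, as the answer notes, there are many AWS regions.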
