[英]security group aws specific ip http/https blocks everything
I've follow the documentation of I've read https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html我已经阅读了 https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html的文档
and I want to create a security group in AWS which allows only one IP access to ports 80 or 443, but AWS is blocking everything even the IP which should have access when I apply this group.我想在 AWS 中创建一个安全组,它只允许一个 IP 访问端口 80 或 443,但 AWS 阻止了所有内容,甚至是 IP,当我应用该组时,它应该可以访问。
We are using nginx in the ec2 server and the certificate was created with certbot我们在 ec2 服务器中使用 nginx 并且证书是使用 certbot 创建的
What do you mean by "blocking everything"? “阻止一切”是什么意思?
From these 2 rules, port 80 and port 443 are only open to the one IP that you had given.从这 2 条规则来看,端口 80 和端口 443 仅对您提供的 IP 开放。 If this is a webapp, it is likely that you'll have a loadbalancer setup to receive the traffic.如果这是一个网络应用程序,您可能会设置一个负载均衡器来接收流量。
Edit the inbound rule to be only lock out any other port to the instance ip address only, while you open 443 and 80 to everyone.将入站规则编辑为仅锁定实例 ip 地址的任何其他端口,同时向所有人开放 443 和 80。 eg.例如。 if ur ec2 instance public ip is 13.255.77.8 and you don't want port 5000 to be accessible to the public, create a custom tcp with your that is only acessible to that port ie mapping port 5000 to this ip - 13.255.77.8/32如果您的 ec2 实例 public ip 是 13.255.77.8 并且您不希望公众可以访问端口 5000,请使用您的自定义 tcp 创建一个只能访问该端口的端口,即将端口 5000 映射到此 ip - 13.255.77.8/ 32
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.