How to block strange HTTP requests from AWS ELB
Question
I have a bunch of strange logs on Cloudwatch coming from ALB, looks like this.
2020-11-03T14:52:57.289+09:00 Not Found: /owa/auth/logon.aspx
2020-11-03T15:23:20.120+09:00 Not Found: /.env
2020-11-03T15:35:39.482+09:00 Not Found: /index.php
I use cloudwatch to logging server data, so this really bothers me. I would like to know how to block them.
1 answers
solution1
0 ACCPTED 2020-11-03 21:07:34
Welcome to the Internet! There are many strange bots running on the Internet that are trying to access systems using known vulnerabilities. Any device connected to the Internet will regularly receive such requests. Take a look at the logs in your home router to see an example of what takes place.
You could add a Web Application Firewall ( AWS WAF ) to the Load Balancer, which can block defined patterns of requests. However, it might not be worth the effort/expense if your goal is merely to clean-up the log file.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.