
security group aws specific ip http/https blocks everything

I've followed the documentation; I've read https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html

and I want to create a security group in AWS which allows only one IP access to ports 80 or 443, but AWS is blocking everything even the IP which should have access when I apply this group.

We are using nginx in the ec2 server and the certificate was created with certbot

My inbound rules

What do you mean by "blocking everything"?

From these 2 rules, port 80 and port 443 are only open to the one IP that you had given. If this is a webapp, it is likely that you'll have a load balancer set up to receive the traffic.

  • Check the ELB security group and block traffic there (If there is an ELB setup)
  • Check the VPC NACL for any blocks on port 80/443 traffic. If that is the case, the NACL rule will take precedence here
  • Make sure you check your outbound rules also, if by "blocking everything" you meant the outbound traffic
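The layered check from this answer, as an added example that is not part of the original answer: it evaluates a NACL (ordered, first match wins, stateless) and a security group (allow rules only) for one client and port. The rule data is constructed in the shape of `aws ec2 describe-security-groups` and `aws ec2 describe-network-acls` output, the addresses are documentation-range placeholders, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data, trimmed to the fields used below.
ALLOWED_IP = "203.0.113.10"  # placeholder for the single permitted client
SG_INBOUND = [
    {"IpProtocol": "tcp", "FromPort": p, "ToPort": p, "IpRanges": [{"CidrIp": ALLOWED_IP + "/32"}]}
    for p in (80, 443)
]
NACL_ENTRIES = [
    {"RuleNumber": 90, "Egress": False, "Protocol": "6", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 443, "To": 443}},
    {"RuleNumber": 100, "Egress": False, "Protocol": "-1", "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 100, "Egress": True, "Protocol": "-1", "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
]

def sg_allows(permissions, src_ip, port):
    """Security groups hold allow rules only: one matching rule admits the connection."""
    ip = ipaddress.ip_address(src_ip)
    for perm in permissions:
        proto_ok = perm["IpProtocol"] == "-1" or (
            perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"])
        if proto_ok and any(ip in ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])):
            return True
    return False

def nacl_verdict(entries, peer_ip, port, egress):
    """NACL rules are tried in ascending rule number; the first match decides."""
    ip = ipaddress.ip_address(peer_ip)
    for e in sorted((e for e in entries if e["Egress"] == egress), key=lambda e: e["RuleNumber"]):
        pr = e.get("PortRange")
        if e["Protocol"] not in ("6", "-1") or (pr and not pr["From"] <= port <= pr["To"]):
            continue
        if ip in ipaddress.ip_network(e["CidrBlock"]):
            return e["RuleAction"], e["RuleNumber"]
    return "deny", "*"  # implicit final deny when nothing matches

def diagnose(client_ip, port, client_port=50000):
    """Return the first layer that drops the request, or 'reachable'."""
    action, rule = nacl_verdict(NACL_ENTRIES, client_ip, port, egress=False)
    if action == "deny":
        return f"NACL inbound rule {rule} denies tcp/{port}"
    if not sg_allows(SG_INBOUND, client_ip, port):
        return f"security group has no inbound rule for {client_ip} on tcp/{port}"
    # NACLs are stateless: the reply to the client's ephemeral port needs an outbound allow.
    action, rule = nacl_verdict(NACL_ENTRIES, client_ip, client_port, egress=True)
    if action == "deny":
        return f"NACL outbound rule {rule} denies the reply to tcp/{client_port}"
    return "reachable"
```

With the constructed rules, `diagnose(ALLOWED_IP, 443)` reports the NACL deny even though the security group admits that address, which is the precedence case the answer points at.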

Edit the inbound rule to lock out any other port to the instance IP address only, while you open 443 and 80 to everyone. E.g. if your EC2 instance public IP is 13.255.77.8 and you don't want port 5000 to be accessible to the public, create a custom TCP rule that is only accessible to that port, i.e. mapping port 5000 to this IP - 13.255.77.8/32
