2

I have an AWS lightsail instance running wordpress. It is getting pounded with hits from Chinese IP addresses - and they keep changing IP's. I started making hundreds of iptables rules but am giving up as this is clearly the wrong approach.

I discovered the AWS WAF service, and created an ACL which drops traffic from China. And the WAF is in the same region as my lightsail instance.

Great. But it's not doing anything...still getting hit. I can't figure out how (or IF) I connect my lightsail traffic to the WAF. Is it even possible?

I don't need a load balancer, nor cloudfront, nor do a have a gateway (I think). This setup is really simple...

TSG
  • 1,674
  • 7
  • 32
  • 51

2 Answers2

1

AWS WAF will not work in your use case unless you use an Application Load Balancer

AWS WAF is tightly integrated with Amazon CloudFront and the Application Load Balancer (ALB), services that AWS customers commonly use to deliver content for their websites and applications.

If you're not using one of these technologies AWS WAF will not work for you.

I understand you do not want to use an Application Load Balancer but Lightsail does support it. If you were to use it then you could use AWS WAF.

References

Lightsail with other AWS Services
AWS WAF FAQ

kenlukas
  • 3,101
  • 2
  • 16
  • 26
0

I am in same situation as TSG. We hosting site in Ohio east-2 region. But I figured I can't use WAF directly for lightsail so I created a cloudfront. But still could not get it to work. Any advice here?

CocCu
  • 1
  • This does not really answer the question. If you have a different question, you can ask it by clicking [Ask Question](https://serverfault.com/questions/ask). To get notified when this question gets new answers, you can [follow this question](https://meta.stackexchange.com/q/345661). Once you have enough [reputation](https://serverfault.com/help/whats-reputation), you can also [add a bounty](https://serverfault.com/help/privileges/set-bounties) to draw more attention to this question. - [From Review](/review/late-answers/518051) – Dave M Apr 15 '22 at 21:08