Query attacks from outside are too frequent since AWS EC2 was used. AWS WAF is too expensive and burdensome. I'm trying to install modsecurity inside the server, but it's not working properly because of ELB. Is there any other alternative or way?
Asked
Active
Viewed 208 times
0
-
What do you mean "not working properly because of ELB"? Suggest you edit your question to make your problem unambiguous. Personally I use CloudFlare, and I have fail2ban pushing bad actors to the CloudFlare firewall blocking them before they reach AWS https://www.photographerstechsupport.com/tutorials/protecting-amazon-linux-server-fail2ban-cloudflare-wordpress/ – Tim Dec 06 '21 at 01:14
-
"it's not working properly because of ELB" Fix that. I'd bet your problem is that you're seeing the IP of the load balancer and not the client IP; it's a relatively easy thing to fix. https://aws.amazon.com/premiumsupport/knowledge-center/elb-capture-client-ip-addresses/. – ceejayoz Dec 06 '21 at 01:17