We have had issues where one IP makes hundreds of requests to our servers, resulting in an overloaded RDS database. Is there a way to set our AWS ELB to block in the case of this DOS-like behavior?
4 Answers
Well, this is a very old post but you can do it with AWS WAF, you just need to attach an ACL to your ELB and set a rate limit rule like in the image:
I hope this helps someone in the future, I had a really big problem and this solved it for me.

This will work as requested. However, for those who want to throttle across IPs, one solution we used is to create a CloudWatch Alarm that sends an alarm to an SNS topic when request count exceeds the desired number. A simple Lambda is invoked from that SNS message and simply changes the Listener to a fixed response to display a nice "Service Busy" message. A second set of the above AWS resources is there to clear the throttling when request count has decreased to a lower number. – Aurvoir Jul 14 '21 at 18:19
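The rate limit rule from the first answer, written out in the JSON shape AWS WAF (WAFv2) uses for a rule in a web ACL, with a replay over constructed traffic to check a candidate limit before switching the rule from Count to Block. This is an added example, not code from any of the posts; it assumes the load balancer is an Application Load Balancer (AWS WAF does not attach to a Classic ELB), and the rule name, sample IPs and sliding-window replay are illustrative, the replay being only an approximation of how WAF counts.

```python
import json
from collections import defaultdict, deque

WINDOW_SEC = 300  # default evaluation window of a WAF rate-based rule


def rate_rule(limit, action="Block", name="per-ip-rate-limit"):
    """Build one entry for the Rules list of a WAFv2 web ACL.

    action="Count" only records matches; "Block" rejects the source IP
    while its request rate stays above the limit.
    """
    return {
        "Name": name,  # hypothetical rule name
        "Priority": 0,
        "Statement": {
            "RateBasedStatement": {"Limit": limit, "AggregateKeyType": "IP"}
        },
        "Action": {action: {}},
        "VisibilityConfig": {
            "SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": name,
        },
    }


def ips_over_limit(requests, limit, window=WINDOW_SEC):
    """Replay (epoch_seconds, client_ip) pairs and return the IPs whose
    request count inside any trailing window exceeds the limit."""
    recent = defaultdict(deque)
    flagged = set()
    for ts, ip in sorted(requests):
        q = recent[ip]
        q.append(ts)
        while q[0] <= ts - window:  # drop requests older than the window
            q.popleft()
        if len(q) > limit:
            flagged.add(ip)
    return flagged


# Constructed sample traffic: one noisy client (250 requests in about four
# minutes) and one normal client (one request per minute for half an hour).
SAMPLE = [(1000 + i, "203.0.113.7") for i in range(250)] + [
    (1000 + 60 * i, "198.51.100.20") for i in range(30)
]

if __name__ == "__main__":
    print("would be limited:", ips_over_limit(SAMPLE, limit=100))
    print(json.dumps(rate_rule(100, action="Count"), indent=2))
```

Running the rule in Count mode first and comparing its CloudWatch metric with a replay like this shows whether a limit would catch legitimate clients before it starts blocking them.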
You could block the IP with an ACL rule on the VPC.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html

What OP is asking is to limit the rate of queries, not block it totally. – helloV Feb 09 '16 at 21:04
Maybe, I don't think the OP is really clear enough regarding what he is asking. Depending on the type of application, and the type of requests, a CDN might be the answer, but the OP just asks about load balancers without giving enough detail for a thorough answer. – Mark B Feb 09 '16 at 21:08
What you are asking for is rate limit at ELB. Unfortunately AWS does not provide rate limit for ELB.

ELB does not support that, as mentioned by helloV. You can do that on the NGINX level: https://www.nginx.com/blog/rate-limiting-nginx/.
If you have any piece of code as a lambda, API Gateway supports rate limiting (or throttling): https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html

The catch with Nginx limiting is getting it to share an enforced rate across all instances. I.e., if the Nginx limit is just for one instance, then your rate is multiplied by the number of instances in the ELB. This is what makes rate limiting at the ELB desirable. – Courtney Miles Jul 18 '19 at 02:10