Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Security Group's best practice

0

My website has somehow been infected with a virus, and I believe I need to be more vigilant in managing both inbound and outbound rules.

Here are the current inbound rules:

HTTP: 0.0.0.0/0 HTTPS: 0.0.0.0/0 SSH: 0.0.0.0/0 HTTP: ::/0 HTTPS: ::/0 SSH: ::/0 The current outbound rule is:

AllTrafic: 0.0.0.0/0 What are the best practices for managing these rules?

Website: https://runtobuy.com/

Temas
Redes y entrega de contenido
Etiquetas
Redes y entrega de contenidoGrupo de seguridad
Idioma
English
scholar
preguntada hace 7 meses188 visualizaciones
1 Respuesta
1

Hi, you should limit 0.0.0.0/0 and 0.0.0.0::0 to http(s). ssh should be reserved to controlled addresses: ip of admins.

More importantly, you should probably introduce AWS Web Application Firewall (aka WAF) to better protect your site: see https://aws.amazon.com/waf/

This video is also a good place to start: https://www.youtube.com/watch?v=FdJ4fKMMTIE

Best,

Didier

profile pictureAWS
EXPERTO
Didier_Durand
respondido hace 7 meses
  • scholar
    hace 7 meses

    Thank you for advice. Should I limit 0.0.0.0/0 and 0.0.0.0::0 to http(s) for inbound and outbound rules or just for inbound?

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante