En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Security Group's best practice

0

My website has somehow been infected with a virus, and I believe I need to be more vigilant in managing both inbound and outbound rules.

Here are the current inbound rules:

HTTP: 0.0.0.0/0 HTTPS: 0.0.0.0/0 SSH: 0.0.0.0/0 HTTP: ::/0 HTTPS: ::/0 SSH: ::/0 The current outbound rule is:

AllTrafic: 0.0.0.0/0 What are the best practices for managing these rules?

Website: https://runtobuy.com/

Sujets
Réseaux et diffusion de contenu
Balises
Réseaux et diffusion de contenuGroupe de sécurité
Langue
English
scholar
demandé il y a 7 mois187 vues
1 réponse
1

Hi, you should limit 0.0.0.0/0 and 0.0.0.0::0 to http(s). ssh should be reserved to controlled addresses: ip of admins.

More importantly, you should probably introduce AWS Web Application Firewall (aka WAF) to better protect your site: see https://aws.amazon.com/waf/

This video is also a good place to start: https://www.youtube.com/watch?v=FdJ4fKMMTIE

Best,

Didier

profile pictureAWS
EXPERT
Didier_Durand
répondu il y a 7 mois
  • scholar
    il y a 7 mois

    Thank you for advice. Should I limit 0.0.0.0/0 and 0.0.0.0::0 to http(s) for inbound and outbound rules or just for inbound?

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents