Restrictions to .NET web app

0

Hi AWS, I have a .NET 4.7 HES web application deployed on AWS EC2. I want to restrict the traffic for the app so that no one outside of India can access it using EC2 or ALB.

Thanks

1回答
1

Hello.

If you are using ALB, you can restrict countries with AWS WAF.
If you want to limit it to India only, you should just enter the country code as "IN".
When creating a rule, select "doesn't match the statement (NOT)" to block countries other than India.
https://repost.aws/knowledge-center/waf-allow-block-country-geolocation

profile picture
エキスパート
回答済み 5ヶ月前
  • Hi @Riku_Kobayashi, I was going through this blog post https://repost.aws/knowledge-center/waf-protect-ec2-instance. But the issue is one of the web apps is not having ALB, in that case how can we restrict the traffic on EC2 in India.

  • I think it would be difficult to implement country restrictions using only EC2. For example, if you can determine the IP address with a .NET application, I think it is possible to create a process that obtains the CIDR of the Indian IP from the site below and allows access from that list. I think it is possible to allow it with a security group, but please note that if there are many CIDRs, it will not be possible to configure all the settings. https://www.countryipblocks.net/acl.php

  • Since you're not using ALB, your choices are to either (a) use ALB or AWS CloudFront and configure WAF as Riku_Kobayashi suggested, or (b) use a 3rd-party HTTP module with IIS or a .NET library/NuGet package that does IP address filtering by geo. There are modules that work with IIS on Windows, such as ModSecurity by SpiderLabs, but I am not able to endorse 3rd-party products.

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ