AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Security Group's best practice

0

My website has somehow been infected with a virus, and I believe I need to be more vigilant in managing both inbound and outbound rules.

Here are the current inbound rules:

HTTP: 0.0.0.0/0 HTTPS: 0.0.0.0/0 SSH: 0.0.0.0/0 HTTP: ::/0 HTTPS: ::/0 SSH: ::/0 The current outbound rule is:

AllTrafic: 0.0.0.0/0 What are the best practices for managing these rules?

Website: https://runtobuy.com/

주제
네트워킹 및 콘텐츠 전송
태그
네트워킹 및 콘텐츠 전송보안 그룹
언어
English
scholar
질문됨 7달 전186회 조회
1개 답변
1

Hi, you should limit 0.0.0.0/0 and 0.0.0.0::0 to http(s). ssh should be reserved to controlled addresses: ip of admins.

More importantly, you should probably introduce AWS Web Application Firewall (aka WAF) to better protect your site: see https://aws.amazon.com/waf/

This video is also a good place to start: https://www.youtube.com/watch?v=FdJ4fKMMTIE

Best,

Didier

profile pictureAWS
전문가
Didier_Durand
답변함 7달 전
  • scholar
    7달 전

    Thank you for advice. Should I limit 0.0.0.0/0 and 0.0.0.0::0 to http(s) for inbound and outbound rules or just for inbound?

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠