Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Security Group's best practice

0

My website has somehow been infected with a virus, and I believe I need to be more vigilant in managing both inbound and outbound rules.

Here are the current inbound rules:

HTTP: 0.0.0.0/0 HTTPS: 0.0.0.0/0 SSH: 0.0.0.0/0 HTTP: ::/0 HTTPS: ::/0 SSH: ::/0 The current outbound rule is:

AllTrafic: 0.0.0.0/0 What are the best practices for managing these rules?

Website: https://runtobuy.com/

Tópicos
Rede e entrega de conteúdo
Tags
Rede e entrega de conteúdoGrupo de segurança
Idioma
English
scholar
feita há 7 meses187 visualizações
1 Resposta
1

Hi, you should limit 0.0.0.0/0 and 0.0.0.0::0 to http(s). ssh should be reserved to controlled addresses: ip of admins.

More importantly, you should probably introduce AWS Web Application Firewall (aka WAF) to better protect your site: see https://aws.amazon.com/waf/

This video is also a good place to start: https://www.youtube.com/watch?v=FdJ4fKMMTIE

Best,

Didier

profile pictureAWS
ESPECIALISTA
Didier_Durand
respondido há 7 meses
  • scholar
    há 7 meses

    Thank you for advice. Should I limit 0.0.0.0/0 and 0.0.0.0::0 to http(s) for inbound and outbound rules or just for inbound?

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante