By using AWS re:Post, you agree to the Terms of Use

How to secure static IP address of instance from bot attacks?


I have several instances with virtual hosts set up, and the default host document root is /opt/bitnami/wordpress. All of my virtual host records point to their respective domain name/website directory. When someone visits the static IP address of the instance directly, it loads a forbidden error page, which is fine but when bots are attacking the static IP address, I don't know how to limit or prevent the attack. I have fail2ban running, but doesn't seem to be stopping them.

Is there something I can do with the default first virtual host record to stop direct access or at least send them away or limit them somehow?

One other consideration is that I'd still like to be able to test websites the way I usually do by accessing the static IP address with the directrory name. e.g. 11.22.333.444/

2 Answers

Hi, @BJSaws

From your tag, I'm guessing you're using Lightsail.
It is easy to introduce AWS WAF for BOT countermeasures.
However, Lightsail does not provide the ability to use AWS WAF directly.

You can use snapshots to migrate from Lightsail to EC2.
Alternatively, you can use the following link method to host the ALB + WAF in your default VPC and use VPC peering to forward traffic to Ligthsail.

profile picture
answered a month ago

Have you considered using AWS Web Application Firewall bot control?

answered a month ago
  • Thanks. I ended up figuring out that I can restrict my lightsail instances to a range of IP addresses using the lightsail I just restrict all traffic to be from Cloudflare IP address ranges.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions