My site is getting a lot of fingerprinting traffic on the IP address associated with my elastic load balancer. I'd like to disallow traffic on the IP address, similar to how IIS does site bindings.
我的网站在与弹性负载均衡器相关的IP地址上获得了大量的指纹识别流量。我想禁止IP地址上的流量,类似于IIS进行网站绑定的方式。
Is this possible?
这可能吗?
1 个解决方案
#1
0
Create a new target group. Call it something obvious, like "blackhole." Don't assign any instances to it.
创建一个新的目标组。称之为明显的东西,比如“黑洞”。不要为其分配任何实例。
Make the default rule of the ALB point to this target group.
使ALB的默认规则指向此目标组。
Then, add a rule matching your correct/expected Host header, pointing to the real target group (with the instances).
然后,添加一个匹配正确/预期主机标头的规则,指向真实目标组(使用实例)。
Requests without that hostname in the Host header reach the default rule and are routed to its target group (the black hole), which has no instances. The balancer rejects the request:
Host标头中没有该主机名的请求将达到默认规则,并被路由到其目标组(黑洞),该组没有实例。平衡器拒绝请求:
HTTP/1.1 503 Service Unavailable
Your instances see no traffic, unless the correct Host header is provided.
除非提供了正确的主机头,否则您的实例看不到流量。
#1
0
Create a new target group. Call it something obvious, like "blackhole." Don't assign any instances to it.
创建一个新的目标组。称之为明显的东西,比如“黑洞”。不要为其分配任何实例。
Make the default rule of the ALB point to this target group.
使ALB的默认规则指向此目标组。
Then, add a rule matching your correct/expected Host header, pointing to the real target group (with the instances).
然后,添加一个匹配正确/预期主机标头的规则,指向真实目标组(使用实例)。
Requests without that hostname in the Host header reach the default rule and are routed to its target group (the black hole), which has no instances. The balancer rejects the request:
Host标头中没有该主机名的请求将达到默认规则,并被路由到其目标组(黑洞),该组没有实例。平衡器拒绝请求:
HTTP/1.1 503 Service Unavailable
Your instances see no traffic, unless the correct Host header is provided.
除非提供了正确的主机头,否则您的实例看不到流量。