skip to Main Content

I have a NodeJS backend deployed on an EC2 instance of AWS. One of the problems I’m experiencing is that I’m getting random requests to routes that don’t exist (I imagine it’s a bot).

enter image description here

I would like only my frontend and certain IPs (e.g. my personal PC) to be enabled to make requests to this instance, but I wouldn’t know how to do it. I’ve searched a bit, but I don’t quite understand it.

I guess the Netlify site doesn’t have an static IP, so I don’t know hoy to solve it.

My backend has an SSL certificate.
My frontend is deployed in Netlify, with the free layer.

2

Answers


  1. In order to restrict internet traffic based on IP addresses, you’ll need to configure the EC2 instance’s security group rules.

    In order to do this, go to the EC2 dashboard in the AWS management console, and either create a new security group or modify an existing one that you already use for this purpose. Add inbound rules to this security group to allow traffic on the required ports from the selected/known IP addresses and ranges. Then apply this security group to your EC2 instance.

    Refer: Control traffic to your AWS resources using security groups

    I’m not familirized with hoe Netlify works, but probably this article could be of help.

    Login or Signup to reply.
  2. Restricting access to your EC2 instance for security reasons is achieved through Security Groups, not by whitelisting URLs. You can edit the Security Group’s inbound rules to specify allowed ports (like 80 or 4200 for Angular) and the source IP addresses that can connect. While allowing all IP addresses (0.0.0.0/0) is possible for testing, it’s best to use specific IP addresses or a WAF for better security in production environments.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search