
I’ve followed the documentation at https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html

and I want to create a security group in AWS which allows only one IP access to ports 80 or 443, but AWS is blocking everything even the IP which should have access when I apply this group.

We are using nginx on the EC2 server and the certificate was created with certbot.

My inbound rules:

2 Answers


  1. What do you mean by "blocking everything"?

    From these 2 rules, port 80 and port 443 are only open to the one IP that you gave. If this is a webapp, it is likely that you’ll have a load balancer set up to receive the traffic.

    • Check the ELB security group and block traffic there (if there is an ELB set up)
    • Check the VPC NACL for any rule blocking port 80/443 traffic. If there is one, the NACL rule will take precedence here
    • Make sure you check your outbound rules also, if by "blocking everything" you meant the outbound traffic
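To make the order of checks in this answer concrete, here is an added example (not from the original thread or from AWS) that models inbound evaluation: the subnet NACL is consulted first, in ascending rule-number order with first match winning and an implicit deny, and only then the instance's allow-only security group. The rule shapes, the sample IP 203.0.113.10 and the rule numbers are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class SgRule:
    """Inbound security-group rule (constructed shape, not the AWS API schema)."""
    from_port: int
    to_port: int
    cidr: str

@dataclass(frozen=True)
class NaclRule:
    """Inbound network-ACL entry; AWS evaluates these in ascending rule-number order."""
    number: int
    from_port: int
    to_port: int
    cidr: str
    allow: bool

def _matches(ip, port, from_port, to_port, cidr):
    addr = ipaddress.ip_address(ip)
    return from_port <= port <= to_port and addr in ipaddress.ip_network(cidr, strict=False)

def nacl_permits(ip, port, rules):
    # First matching rule wins; with no match the implicit "*" rule denies.
    for r in sorted(rules, key=lambda n: n.number):
        if _matches(ip, port, r.from_port, r.to_port, r.cidr):
            return r.allow
    return False

def sg_permits(ip, port, rules):
    # Security groups are allow-only: any matching rule permits the packet.
    return any(_matches(ip, port, r.from_port, r.to_port, r.cidr) for r in rules)

def inbound_allowed(ip, port, sg_rules, nacl_rules):
    # The NACL is checked at the subnet boundary before the instance's security group,
    # so a NACL deny blocks traffic no matter what the security group allows.
    return nacl_permits(ip, port, nacl_rules) and sg_permits(ip, port, sg_rules)

def world_open_ports(sg_rules):
    # Port ranges any source can reach: review these before widening a rule.
    return sorted((r.from_port, r.to_port) for r in sg_rules if r.cidr == "0.0.0.0/0")

# Constructed sample: the asker's two rules, one allowed IP (documentation range).
SG_RULES = [SgRule(80, 80, "203.0.113.10/32"), SgRule(443, 443, "203.0.113.10/32")]
# Default NACL (rule 100 allows all) versus one where an earlier rule denies 443.
NACL_DEFAULT = [NaclRule(100, 0, 65535, "0.0.0.0/0", True)]
NACL_BLOCKING = [NaclRule(90, 443, 443, "0.0.0.0/0", False), NaclRule(100, 0, 65535, "0.0.0.0/0", True)]
```

Because NACLs are stateless, a real check also needs an outbound NACL entry allowing the ephemeral port range for the reply traffic; this model covers the inbound direction only.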
  2. Edit the inbound rules to lock any other port down to the instance IP address only, while you open 443 and 80 to everyone.
    e.g. if your EC2 instance public IP is 13.255.77.8 and you don’t want port 5000 to be accessible to the public, create a custom TCP rule that is only accessible from that IP, i.e. mapping port 5000 to this IP: 13.255.77.8/32
