0
votes

I have a staging server on AWS that sits behind AWS WAF. I have created a rule to block all IPs and have tried to add 0.0.0.0/0, but get an invalid CIDR error when trying to save it. http://cidr.xyz/ shows it is invalid.


What is the correct way to block public access, as it is just for staging/testing? My setup is: WAF -> CloudFront -> ELB -> App nodes

1
Who should be able to access the staging server? – Mahdi
Just some internal IPs, which I would whitelist. – khinester
Can you add some images showing your security group and the error you get? – Mahdi

1 Answer

0
votes

Let's assume you only want to allow requests from the IP address 192.0.5.44 to your web server. Then you should create an IP match condition and add this IP to the address part (not 0.0.0.0/0). Also note that if you want to allow a single IP, you should add /32 to your IP (192.0.5.44/32). Once you have created your condition, go to the rules section and in the Default action select "Block all requests that don't match any rules".
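The allowlist-plus-default-block setup described in the answer, sketched in Python as an added example that is not part of the original answer. It assumes the newer WAFv2 request shape (`IPSetReferenceStatement`, `DefaultAction`) rather than the classic console the answer walks through; the rule name, the second CIDR and the function names are hypothetical.

```python
import ipaddress

def normalize_allowlist(entries):
    """Return sorted IPv4 CIDR strings; a bare address becomes a /32."""
    cidrs = set()
    for entry in entries:
        # strict=True rejects entries with host bits set, e.g. 10.0.0.5/24
        net = ipaddress.ip_network(entry.strip(), strict=True)
        if net.version != 4:
            raise ValueError(f"{entry}: IPv6 needs its own IP set")
        if net.prefixlen == 0:
            # WAF refuses /0; "everyone else" is expressed by the default action
            raise ValueError(f"{entry}: use the default Block action, not /0")
        cidrs.add(str(net))
    return sorted(cidrs)

def build_web_acl(name, ip_set_arn):
    """Web ACL definition: allow the IP set, block everything that matches no rule."""
    def visibility(metric):
        return {"SampledRequestsEnabled": True,
                "CloudWatchMetricsEnabled": True,
                "MetricName": metric}
    return {
        "Name": name,
        "Scope": "CLOUDFRONT",             # the WAF sits in front of CloudFront
        "DefaultAction": {"Block": {}},    # replaces a "block 0.0.0.0/0" rule
        "Rules": [{
            "Name": "allow-internal",      # hypothetical rule name
            "Priority": 0,
            "Statement": {"IPSetReferenceStatement": {"ARN": ip_set_arn}},
            "Action": {"Allow": {}},
            "VisibilityConfig": visibility("allow-internal"),
        }],
        "VisibilityConfig": visibility(name),
    }

def evaluate(source_ip, cidrs):
    """Model the ACL decision for one request: ALLOW on a match, else BLOCK."""
    addr = ipaddress.ip_address(source_ip)
    if any(addr in ipaddress.ip_network(c) for c in cidrs):
        return "ALLOW"
    return "BLOCK"

if __name__ == "__main__":
    # Constructed sample input: the answer's address plus a made-up office range
    allow = normalize_allowlist(["192.0.5.44", "10.20.0.0/24"])
    print(allow)
    for ip in ("192.0.5.44", "10.20.0.7", "203.0.113.9"):
        print(ip, evaluate(ip, allow))
    print(build_web_acl("staging-acl", "<ip-set-arn>")["DefaultAction"])
```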