Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Block HEAD requests to AWS Elastic Beanstalk and Elastic Load Balancer

Tags:

http-headers

http

amazon-web-services

amazon-ec2

http-request

I have an AWS Elastic Beanstalk (Node.js) setup behind an Elastic Load Balancer and alerts setup for the load balancer. Each night I get tons of alerts for:

Environment health has transitioned from Ok to Severe. 100.0 % of the requests are erroring with HTTP 4xx.

This is due to trawls of different PHP hackz and phpmyadmin, dbadmin, etc. using the HEAD method in 99% of the cases. Since we have an external AIM service they trigger on these alerts as well creating an issue for each (which we now change of course) but crying "wolf" you know...

Question is, is it possible to block HEAD or certain URI's we know we don't need somehow to get rid of the "false" HTTP 4xx?

like image 966
Anders Avatar asked Jan 04 '17 07:01

Anders

People also ask

Does Elastic Beanstalk use load balancer?

By default, Elastic Beanstalk creates an Application Load Balancer for your environment when you enable load balancing with the Elastic Beanstalk console or the EB CLI.

When should you not use Elastic Beanstalk?

Elastic Beanstalk isn't great if you need a lot of environment variables. The simple reason is that Elastic Beanstalk has a hard limit of 4KB to store all key-value pairs. The environment had accumulated 74 environment variables — a few of them had exceedingly verbose names.

What is EBS and ELB in AWS?

Elastic Block Storage (EBS) EBS is a disk in the cloud that provides a consistent block storage and can be attached to EC2 instances. EBS offers a high availability and durability since its automatically replicated in the availability zone.

1 Answers

As Mark B pointed out in the comments above using a Web Application Firewall (WAF & Shield) solves our issue.

We had a normal EC2 ELB (Elastic Load Balancer) and swapped that out for the new Application Load Balancer (ALB) that is a requirement for the WAF.

Setting up WAF is fairly easy, first create a Web ACL for blocking HTTP HEAD (you can add a ton of other protection as well, SQL Injection, etc.) and then add a Rule to Block any matching wACL but Allow any other traffic.

Lastly associate the new wACL with the load balancer and you're done!

Testing HTTP HEAD now gives a "403 Forbidden" and is not entering our Elastic Beanstalk.

like image 58
Anders Avatar answered Sep 29 '22 08:09

Anders
Sign in to Comment

Related questions

Can a single TIdHTTPServer component handle http and https request in the same time?
HttpClient throws TruncatedChunkException accessing large chunked resource
Custom 404 with HttpListener
Android: Persisting Server Session using cookie When Making HTTP calls
How to resolve NODE.Js HTTP POST "ECONNRESET" Error
Parsing JSon data in AngularJS from $http call
HTTP test server: print all client requests to stdout
How to prevent redirects in CasperJS?
http statusCode sometimes undefined
Access-Control-Allow-Origin error when using ember.js(with ember-cli)
Is there a way to include a custom http header in a <video> source call?
How to tell the HTTP server to not send chunked encoding
Angularjs - Multiple $http REST calls (second call dependent on output of first)
CORS error when uploading larger files
(Go) How to control gzip compression when sending http request?
ASP.NET on Docker Not Serving Web App to Browser
502 bad gateway - POST from C# but works fine in fiddler
Query String vs Resource Path for Filtering Criteria
How do I set multiple http header fields with the same key in Node.js?
AWS API Gateway Binary output without Accept header

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!