We have had issues where one IP makes hundreds of requests to our servers, resulting in an overloaded RDS database. Is there a way to set our AWS ELB to block in the case of this DOS-like behavior?
60,000 active flows (or connections) (sampled per minute). 1 GB per hour for EC2 instances, containers and IP addresses as targets.
All the load balancers of a ELB registers their IP addresses on the DNS service at Amazon's side. So for different queries, Amazon will return different IP addresses. This is why ELB only has a DNS name instead of a static IP address.
For more information, see Routing traffic to an ELB load balancer in the Amazon Route 53 Developer Guide. The load balancer has one IP address per enabled Availability Zone. These are the addresses of the load balancer nodes.
Well, this is a very old post but you can do it with AWS WAF, you just need to attach an ACL to your ELB and set a rate limit rule like in the image:
I hope this helps someone in the future, I had a really big problem an this solved it for me.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With