Use AWS WAF to block traffic to my lightsail instance

amazon-web-services web-application-firewall

I have an AWS lightsail instance running wordpress. It is getting pounded with hits from Chinese IP addresses - and they keep changing IP's. I started making hundreds of iptables rules but am giving up as this is clearly the wrong approach.

I discovered the AWS WAF service, and created an ACL which drops traffic from China. And the WAF is in the same region as my lightsail instance.

Great. But it's not doing anything...still getting hit. I can't figure out how (or IF) I connect my lightsail traffic to the WAF. Is it even possible?

I don't need a load balancer, nor cloudfront, nor do a have a gateway (I think). This setup is really simple...


Solution 1:

AWS WAF will not work in your use case unless you use an Application Load Balancer

AWS WAF is tightly integrated with Amazon CloudFront and the Application Load Balancer (ALB), services that AWS customers commonly use to deliver content for their websites and applications.

If you're not using one of these technologies AWS WAF will not work for you.

I understand you do not want to use an Application Load Balancer but Lightsail does support it. If you were to use it then you could use AWS WAF.

References

Lightsail with other AWS Services
AWS WAF FAQ

Related

How do you change host management credentials for a cluster in System Center Virtual Machine Manager?
I can't run Ghostbusters the Videogame on Windows 8
Agent A: Lightbulb and a Hammer
How can I get to the Share menu without taking a screenshot?
What are the missable achievements in The Dark Eye: Chains of Satinav?
What are the missable achievements in Memoria?
Where are save games stored?
How can I use the Hetman authorisation in Realms of Arcania: Blade of Destiny
Saints Row 4 DLC
Can impacts from grenades score headshots in CS:GO?
How do I make Minecraft LAN games show up over WiFi?
Minecraft command skips enchantment