AWS EC2 deny single ip address and allow all
I have an AWS EC2 instance and want to deny access on port 80 for a single IP address (a bad bot).
The AWS console seems to support only "allow" rules.
How do I deny a single IP address?
Solution 1:
The only way to deny sources/IP addresses is to use Network ACLs in the VPC. These operate like a firewall allowing or blocking traffic incoming to your subnet, and operate above the Security group level (for traffic coming in from external).
Go to your VPC and then Network ACLs. You should already have one that you can apply a rule to, but if not, create one and apply it to the subnet where your instance is running, and explicitly deny the IP address on port 80 that you want to block.
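
Where the deny rule sits in the Network ACL matters: rules are evaluated from the lowest rule number upward and the first match decides, so a deny numbered above an existing allow-all rule never takes effect. The sketch below is an added example, not part of the original answer; it models that evaluation order in Python, and the rule numbers and the 203.0.113.7 / 198.51.100.9 addresses are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    number: int      # NACL rule number; lower numbers are evaluated first
    cidr: str        # source CIDR the rule applies to
    port_from: int   # start of destination port range
    port_to: int     # end of destination port range
    action: str      # "allow" or "deny"


def evaluate(rules, src_ip, dst_port):
    """Return (action, rule_number) for an inbound TCP packet.

    Rules are checked in ascending rule-number order and the first match
    decides; if nothing matches, the implicit final '*' rule denies.
    """
    addr = ipaddress.ip_address(src_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        in_cidr = addr in ipaddress.ip_network(rule.cidr)
        in_ports = rule.port_from <= dst_port <= rule.port_to
        if in_cidr and in_ports:
            return rule.action, rule.number
    return "deny", None


# Constructed sample values: 203.0.113.7 stands in for the bad bot.
BAD_BOT = "203.0.113.7"
# Models the allow-all inbound rule (number 100) found in a default NACL.
ALLOW_ALL = Rule(100, "0.0.0.0/0", 0, 65535, "allow")


def deny_http(number):
    """Deny rule for the bot's single address on port 80, at a given rule number."""
    return Rule(number, BAD_BOT + "/32", 80, 80, "deny")


# Deny numbered above the allow rule: the allow matches first, the bot gets through.
INEFFECTIVE = [ALLOW_ALL, deny_http(200)]
# Deny numbered below the allow rule: the bot is blocked on port 80 only.
EFFECTIVE = [ALLOW_ALL, deny_http(50)]

if __name__ == "__main__":
    for name, acl in (("deny=200", INEFFECTIVE), ("deny=50", EFFECTIVE)):
        for ip, port in ((BAD_BOT, 80), (BAD_BOT, 443), ("198.51.100.9", 80)):
            print(name, ip, port, evaluate(acl, ip, port))
```

After adding the rule in the console, check that its number is lower than that of any allow rule covering the same traffic.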