Block HTTP traffic based on XFF IP behind ELB

iptables can only work with IP and we cannot make it use the values from a HTTP header OS : Amazon Linux #yum install mod_security #vim /etc/httpd/conf.d/mod_security.conf Following rule is added to block Traffic [ELB used]: SecRule REQUEST_HEADERS:X-Forwarded-For “@Contains 11.222.333.44” “phase:1,log,deny,id:1001” Following rule is added to block traffic [ELB not used] SecRule REMOTE_ADDR “^111.222.333.444” “phase:1,log,deny,id:1004” […]

htaccess for Apache

OS -> Ubuntu Install apache #apt-get install apache2 Enable rewrite_module #a2enmod rewrite Create the htaccess file vim /var/www/unni/.htaccess AuthUserFile /var/www/unni/.htpasswd AuthGroupFile /www.null AuthName “Authorization Required” AuthType Basic require user abc Create the htpasswd encrypted to store user credentials htpasswd -c /var/www/unni/.htpasswd abc Make an entry in the apache virtualhost file for this directory vim /etc/apache2/sites-enabled/000-default […]