WAF & Shield ---> Web ACLs ---> Rules ---> Add rules ---> Add managed rule groups ---> AWS managed rule groups ---> Free rule groups
Amazon IP reputation list: Add to web ACL ---> Edit:
Scope of inspection: Inspect all web requests
Amazon IP reputation list rules:
Override all rule actions: Override to Block
AWSManagedIPReputationList: Override to Block
AWSManagedReconnaissanceList: Override to Block
AWSManagedIPDDoSList: Override to Count
Reference:
https://docs.aws.amazon.com/zh_cn/waf/latest/developerguide/aws-managed-rule-groups-ip-rep.html
IP blacklist setup:
WAF page:
IP sets ---> Create IP set: block_ip
Add the rule:
WAF & Shield ---> Web ACLs ---> Rules ---> Add rules
Rule type: IP set
Rule builder:
Rule:
Name: ip_deny (choose your own name)
Type: Regular rule
If a request matches the statement:
Statement:
Inspect: Originates from an IP address in
IP set: block_ip (the IP set created above)
Source IP address
Action: Block
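
The same two rules as they would appear in the Rules array of a WAFv2 web ACL (for the rule JSON editor or aws wafv2 update-web-acl). This is an added example, not part of the original notes. The priorities, metric names, the regional scope and the REGION / ACCOUNT_ID / IPSET_ID parts of the ARN are placeholders to replace with your own values. "Source IP address" corresponds to leaving IPSetForwardedIPConfig out of the IP set statement.

```json
[
  {
    "Name": "AWS-AWSManagedRulesAmazonIpReputationList",
    "Priority": 0,
    "Statement": {
      "ManagedRuleGroupStatement": {
        "VendorName": "AWS",
        "Name": "AWSManagedRulesAmazonIpReputationList",
        "RuleActionOverrides": [
          { "Name": "AWSManagedIPReputationList", "ActionToUse": { "Block": {} } },
          { "Name": "AWSManagedReconnaissanceList", "ActionToUse": { "Block": {} } },
          { "Name": "AWSManagedIPDDoSList", "ActionToUse": { "Count": {} } }
        ]
      }
    },
    "OverrideAction": { "None": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "ip-reputation-list"
    }
  },
  {
    "Name": "ip_deny",
    "Priority": 1,
    "Statement": {
      "IPSetReferenceStatement": {
        "ARN": "arn:aws:wafv2:REGION:ACCOUNT_ID:regional/ipset/block_ip/IPSET_ID"
      }
    },
    "Action": { "Block": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "ip_deny"
    }
  }
]
```

The managed rule group uses OverrideAction (None keeps the per-rule actions listed in RuleActionOverrides), while the IP set rule is a regular rule and carries its own Action.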