How can I set AWS ELB block too many queries from a given IP?

Asked 9/2, 2016 at 20:50 Answered 6/3, 2021 at 6:7

We have had issues where one IP makes hundreds of requests to our servers, resulting in an overloaded RDS database. Is there a way to set our AWS ELB to block in the case of this DOS-like behavior?

Pastorate answered 9/2, 2016 at 20:50 Comment(0)

Well, this is a very old post but you can do it with AWS WAF, you just need to attach an ACL to your ELB and set a rate limit rule like in the image:

I hope this helps someone in the future, I had a really big problem an this solved it for me.

Rapier answered 6/3, 2021 at 6:7 Comment(1)

This will work as requested. However, for those who want to throttle across IPs, one solution we used it to create a CloudWatch Alarm that sends an alarm to a SNS topic when request count exceeds desired number. A simple Lambda is being invoked from that SNS message that will simply change the Listener to a fixed response to display a nice "Service Busy" message. A second set of above aws resources is to clear the throttling when request count decreased to a lower number. – Lessen 14/7, 2021 at 18:19

You could block the IP with an ACL rule on the VPC.

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html

Palmer answered 9/2, 2016 at 21:1 Comment(2)

What OP is asking is to limit the rate of queries, not block it totally. – Varick 9/2, 2016 at 21:4

Maybe, I don't think the OP is really clear enough regarding what he is asking. Depending on the type of application, and the type of requests, a CDN might be the answer, but the OP just asks about load balancers without giving enough detail for a thorough answer. – Palmer 9/2, 2016 at 21:8

What you are asking for is rate limit at ELB. Unfortunately AWS does not provide rate limit for ELB.

ELB Rate Limiting and IP Rules

Varick answered 9/2, 2016 at 21:3 Comment(0)

ELB does not support that, as mentioned by helloV. You can do that on the NGINX level: https://www.nginx.com/blog/rate-limiting-nginx/.

If you have any piece of code as a lambda, API Gateway supports rate limiting (or throttling): https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html

Jyoti answered 10/10, 2018 at 12:56 Comment(1)

The catch with Nginx limiting is getting it to share an enforced rate across all instances. I.e. If Nginx limit is just for one instance, then your rate is multiplied by the number of instances in the ELB. This is what makes rate limiting at the ELB desirable. – Snath 18/7, 2019 at 2:10

Recommended topics

Hot tags