I am looking for a way to drop connections from known spam ip addresses on an Amazon's Elastic Load Balancer (ELB)?
I am currently doing this at the web server level (multiple instances, running behind the ELB), but wondering if there is a way to do it at the ELB. This way, I can avoid configuring each web server instance for this.
I typically pull the Drop List from Spamhause.org every day and update my web server configuration
I would try using VPC ACLs for that. First of all, ELBs inside VPC can use Security Groups but they only specify a traffic you allow in and out of an ELB. To actually block a traffic coming from a certain IP - an ACL would be the best.
For that to work - a pair of a public (internet-facing) and internal ELBs need to be used with internal ELB protected by subnet ACL DENY rules.
You can't do this from an ELB that is not instantiated inside a VPC (at the date of this answer). If inside a VPC, check out the other answers. If not, you can switch to something more controlable, such as HAProxy or place CloudFlare (https://www.cloudflare.com/) in front of your ELB, which is probably a better option.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 走好不送 的文章《How to configure AWS ELB to block certain IP addre》','https://www.manongdao.com/article-616068.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}