I have a set of EC2 instances and a load balancer in front of them. I set up a security group for the ELB and set an inbound rule to allow HTTP traffic from anybody.
However I would like to restrict access to a specific path (say /admin) on my EC2 instances only to requests that are coming from a source ip/range. Could I do this by setting an inbound rule? It doesn’t seem like it supports this. Is there any other way to achieve this?
Thanks
Answer
You can’t set up the ingress rules in the Security Groups that way; they are not specific to HTTP and don’t know anything about URLs.
The way to do this is to set up access control in your HTTP server. For example in Apache you can restrict access to a particular path in either the server config or a .htaccess file like this:
Order Deny,Allow
Deny from all
Allow from 1.2.3.4
See the documentation here for Apache. Nginx has similar features.
Attribution
Source : Link , Question Author : user313551 , Answer Author : ianjs
