Posts

Showing posts from January, 2022

HowTo: GeoIP restrictions for Amazon Linux 2

Image
Background: I have a few Amazon Linux 2 EC2 instances that I run for personal use.  Generally, I restrict "important" / remote access services to my home egress IPs, but for services that I expect to be generally available I cannot do that. Anyone who has hosted a service on the public Internet knows that it's a matter of minutes after the service comes online before it starts being probed by all manner of scanners, exploit scripts, curious hackers, botnets, &etc.  No big deal, just build secure services, right? Naturally.  But "defense in depth" dictates that if you can  filter out a large percentage of these requests, you should.  As doing so not only reduces the load on your service, but also reduces the likelihood of your service being tagged by some unforeseen exploit. Enter:  Maxmind's GeoIP database and the xtables-addons GeoIP filter .  With the geoip module you can easily use iptables to restrict traffic to only those countries you know y...