Blocking Traffic from Specific IP Address with AWS Network ACL

2020/3/22 min read

This post shows how to use AWS Network ACLs to block traffic to your site.

How to block traffic from a specific IP address

AWS offers a few ways to block specific sources from accessing your site, for example Network ACLs or WAF. Take one example: you have a website running on a single EC2 instance as the web server, and you have noticed one IP address whose traffic you want to block. You can use a Network ACL as follows.

Find the Network ACL from EC2

First, you need to find the Network ACL that applies to the EC2 instance. From the EC2 instance, click its Subnet, then click the Network ACL.

Find the IP address

Next, you need the IP address to block. If you want to test with your own machine's IPv4 address, you can either search Google for "what's my IP address" or go to to check your public IP address.

Create a new rule to block traffic

Create a new inbound rule as follows:

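  • Rule #: a number smaller than that of the rule that allows traffic. Network ACL rules are evaluated in ascending order and the first match wins, so the deny rule must come first.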
  • Type: ALL Traffic
  • Protocol: ALL
  • Port Range: ALL
  • Source: {Your IP address}/32
  • Allow/Deny: Deny

Now the IP address should be blocked from accessing your EC2 instance.
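To check the rule-number requirement before touching the console, the following added example (not part of the original post) models how a Network ACL picks a rule: lowest number first, first match decides. The rule numbers 90, 100 and 110 and the addresses are constructed sample values, and since the rules cover ALL traffic, only the source is matched.

```python
import ipaddress

# Constructed sample rules: (rule_number, source_cidr, action).
# 203.0.113.7 is a documentation address standing in for the IP to block.
BLOCKED = "203.0.113.7"
ALLOW_ALL = (100, "0.0.0.0/0", "allow")
correct = [ALLOW_ALL, (90, BLOCKED + "/32", "deny")]   # deny before allow
wrong = [ALLOW_ALL, (110, BLOCKED + "/32", "deny")]    # deny after allow


def evaluate(rules, source_ip):
    """Return (action, rule_number) for inbound traffic from source_ip.

    Rules are checked in ascending rule-number order and the first rule
    whose CIDR contains the source decides; later rules are not consulted.
    If no numbered rule matches, the implicit '*' rule denies.
    """
    addr = ipaddress.ip_address(source_ip)
    for number, cidr, action in sorted(rules):
        if addr in ipaddress.ip_network(cidr):
            return action, number
    return "deny", "*"


def shadowed_denies(rules):
    """List deny rule numbers that can never fire because a lower-numbered
    allow rule already covers their whole source range (IPv4 sample only)."""
    shadowed = []
    for number, cidr, action in rules:
        if action != "deny":
            continue
        net = ipaddress.ip_network(cidr)
        for other_number, other_cidr, other_action in rules:
            if (other_action == "allow" and other_number < number
                    and net.subnet_of(ipaddress.ip_network(other_cidr))):
                shadowed.append(number)
                break
    return shadowed


if __name__ == "__main__":
    print("correct, blocked IP:", evaluate(correct, BLOCKED))
    print("correct, other IP:  ", evaluate(correct, "198.51.100.9"))
    print("wrong, blocked IP:  ", evaluate(wrong, BLOCKED))
    print("shadowed deny rules:", shadowed_denies(wrong))
```

Running `shadowed_denies` over the rules you plan to enter flags a deny that an earlier allow would override.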