Skip to content
This repository has been archived by the owner on Jun 2, 2021. It is now read-only.

Delay Blocked IP Address (DDOS) #28

Open
levilugato opened this issue Oct 4, 2018 · 1 comment
Open

Delay Blocked IP Address (DDOS) #28

levilugato opened this issue Oct 4, 2018 · 1 comment

Comments

@levilugato
Copy link

Is it possible to immediate block IP when receive attacks (DDOS)? Apparently S3 has a lag to record a log list.
@hugobcar
Copy link

hugobcar commented Oct 5, 2018

Yes, really.

that some or all log file entries for a time period can sometimes be delayed by up to 24 hours https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html#access-logs-timing

In the beginning of the year, I develop this solution for this problem:
https://engineering.contaazul.com/instant-block-of-attacks-to-aws-websites-using-cloudfront-lambda-edge-dynamodb-waf-a94281cb5bde

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hugobcar @levilugato