Add Cloudflare IPs Amazon EC2 Security Group
If you are using Cloudflare as the DNS/CDN provider for your website and an Amazon EC2 instance as your host, let's take a quick look at how to add the Cloudflare IPs to an Amazon EC2 security group. You want to do this to stop your origin server from being directly reachable from the Internet. Once the rules are in place, only Cloudflare's servers can connect directly to your web host, which greatly improves your security posture.
Add Cloudflare IPs Amazon EC2 Security Group
First things first, you can find the current list of Cloudflare IPs on the page here: https://www.cloudflare.com/ips/
Now that we have the list of IPs that should be added to the ACL in our Amazon EC2 security group, let's look at how to add them. To see which security groups you are using, go to the EC2 Dashboard and then Instances. Right-click your EC2 instance and select Networking >> Change Security Groups. The security groups in use are the ones with check marks next to them.
Once you know which security groups are in use, you can edit the security group. Go to Network & Security >> Security Groups. This displays a table of the security groups that have been created.
To edit, all you do is click on the security group. The table at the bottom then shows four tabs: Description, Inbound, Outbound and Tags. We are concerned with restricting inbound traffic, so click the Inbound tab and then Edit.
This brings up the Edit inbound rules table. Here you can click the Add Rule button at the bottom, which creates a new row in the table for your configuration. Make sure you specify HTTP for the Type and Custom IP for the Source. Then simply add the Cloudflare IP addresses, one rule per range. Finally, remove the existing rule whose Source is Any (0.0.0.0/0); with it gone, all web traffic is blocked except that coming from Cloudflare.
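The same allow-list can be maintained with the AWS SDK instead of the console. The following is an added example, not part of the original post: it downloads Cloudflare's published ranges, diffs them against the group's current single-port web rules and authorizes the missing ranges before revoking anything else (0.0.0.0/0 included). It goes beyond the post in also covering port 443 and the IPv6 list, and assumes boto3 with credentials allowed to modify the group; the sample rules and the 198.51.100.0/24 and 2001:db8::/32 prefixes are constructed placeholders.

```python
import ipaddress
import urllib.request

CLOUDFLARE_IP_LISTS = ("https://www.cloudflare.com/ips-v4", "https://www.cloudflare.com/ips-v6")  # plain text, one CIDR per line
WEB_PORTS = (80, 443)  # the post restricts HTTP only; 443 is handled here as well
# Constructed sample in describe_security_groups shape: port 80 open to the world, one stand-in range on 443.
SAMPLE_RULES = [{"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
                {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]
SAMPLE_CLOUDFLARE_LIST = "198.51.100.0/24\n2001:db8::/32\n"  # documentation prefixes standing in for Cloudflare's

def parse_cidr_list(text):
    """Return the CIDRs of a one-per-line list, validated and sorted; a malformed line raises ValueError."""
    return sorted({str(ipaddress.ip_network(line.strip())) for line in text.splitlines() if line.strip()})

def current_web_cidrs(ip_permissions):
    """Collect (port, cidr) pairs from single-port TCP rules on WEB_PORTS; wider port ranges are left for manual review."""
    pairs = set()
    for perm in ip_permissions:
        port = perm.get("FromPort")
        if perm.get("IpProtocol") != "tcp" or port != perm.get("ToPort") or port not in WEB_PORTS:
            continue
        pairs.update((port, r["CidrIp"]) for r in perm.get("IpRanges", []))
        pairs.update((port, r["CidrIpv6"]) for r in perm.get("Ipv6Ranges", []))
    return pairs

def plan_changes(existing_pairs, cloudflare_cidrs):
    """Return (to_add, to_revoke); any web rule not from Cloudflare, 0.0.0.0/0 included, gets revoked."""
    wanted = {(port, cidr) for port in WEB_PORTS for cidr in cloudflare_cidrs}
    return sorted(wanted - existing_pairs), sorted(existing_pairs - wanted)

def to_ip_permissions(pairs):
    """Build the IpPermissions list that authorize/revoke_security_group_ingress expect."""
    perms = []
    for port, cidr in pairs:
        key, field = ("Ipv6Ranges", "CidrIpv6") if ":" in cidr else ("IpRanges", "CidrIp")
        perms.append({"IpProtocol": "tcp", "FromPort": port, "ToPort": port, key: [{field: cidr}]})
    return perms

def sync_group(group_id, dry_run=True):
    """Fetch, diff and (unless dry_run) apply. Needs boto3 and credentials allowed to modify the group."""
    import boto3  # imported here so the pure planning functions above run without the SDK
    ec2 = boto3.client("ec2")
    sg = ec2.describe_security_groups(GroupIds=[group_id])["SecurityGroups"][0]
    lists = [urllib.request.urlopen(url, timeout=10).read().decode() for url in CLOUDFLARE_IP_LISTS]
    to_add, to_revoke = plan_changes(current_web_cidrs(sg["IpPermissions"]), parse_cidr_list("\n".join(lists)))
    if not dry_run and to_add:  # authorize before revoking so Cloudflare is never locked out mid-change
        ec2.authorize_security_group_ingress(GroupId=group_id, IpPermissions=to_ip_permissions(to_add))
    if not dry_run and to_revoke:
        ec2.revoke_security_group_ingress(GroupId=group_id, IpPermissions=to_ip_permissions(to_revoke))
    return to_add, to_revoke
```

Run `sync_group("sg-xxxxxxxx")` first with the default dry run and review the returned lists before passing `dry_run=False`; scheduling the dry run alone is a useful drift check on its own.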
Final thoughts
Hopefully the above information helps anyone struggling with how to add Cloudflare IPs to Amazon EC2 security groups. The process is fairly straightforward; the main challenge is finding where to add the IPs and how to see which security groups are in use. Hopefully this post makes that a bit clearer.
These IPs change over time. Is there a good way to automate a script to do this?