How do I protect an AWS Lightsail instance?

A site I just set up is getting probed by a botnet and the traffic is increasing. They are going directly after the IP address, bypassing Cloudflare completely. Is there any way to set up a WAF aside from a VPN?

Your origin needs a Firewall to block any incoming traffic that doesn’t come from cloudflare.com/ips

https://aws.amazon.com/about-aws/whats-new/2020/05/amazon-lightsail-firewall-now-supports-source-ip-based-rules-and-ping/
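Added example, not part of any post in this thread and not Cloudflare or AWS code: a Python sketch that builds the `--port-infos` JSON for `aws lightsail put-instance-public-ports` from a list of proxy ranges, and flags access-log source IPs that reached the origin directly. The function names are hypothetical, the CIDR list is an illustrative subset (load the current list from cloudflare.com/ips), and the log lines are constructed.

```python
import ipaddress
import json

# Illustrative subset only (assumption): load the current full list from
# cloudflare.com/ips before applying any firewall rule.
CLOUDFLARE_CIDRS = ["173.245.48.0/20", "103.21.244.0/22", "2400:cb00::/32"]


def parse_networks(cidrs):
    """Validate CIDR strings; strict=True rejects entries with host bits set."""
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]


def lightsail_port_infos(cidrs, ports=(80, 443)):
    """Build the JSON list passed to put-instance-public-ports --port-infos."""
    nets = parse_networks(cidrs)
    v4 = [str(n) for n in nets if n.version == 4]
    v6 = [str(n) for n in nets if n.version == 6]
    return [{"fromPort": p, "toPort": p, "protocol": "tcp",
             "cidrs": v4, "ipv6Cidrs": v6} for p in ports]


def direct_hits(log_lines, cidrs):
    """Return source IPs that did not arrive through the listed proxy ranges."""
    nets = parse_networks(cidrs)
    hits = []
    for line in log_lines:
        fields = line.split()
        if not fields:
            continue
        try:
            src = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # line does not start with an IP address
        if not any(src in n for n in nets if n.version == src.version):
            hits.append(str(src))
    return hits


# Constructed access-log lines (client IP is the first field).
SAMPLE_LOG = [
    '173.245.49.10 - - [01/Jan/2024:00:00:01 +0000] "GET / HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:00:00:02 +0000] "GET / HTTP/1.1" 200 512',
    '2400:cb00:1::5 - - [01/Jan/2024:00:00:03 +0000] "GET / HTTP/1.1" 200 512',
    '198.51.100.23 - - [01/Jan/2024:00:00:04 +0000] "GET /admin HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    print(json.dumps(lightsail_port_infos(CLOUDFLARE_CIDRS), indent=2))
    print("direct-to-origin sources:", direct_hits(SAMPLE_LOG, CLOUDFLARE_CIDRS))
```

`put-instance-public-ports` closes every port not included in the request, so add your own restricted SSH rule to the list before applying it.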

I’m kind of new to this and thought that Cloudflare is just acting as a DNS server. Under normal conditions are they routing all traffic through their servers like a VPN? What do the mechanics look like? Feel free to point me at a “how Cloudflare works” doc - I can’t find one…

Thanks for responding!

I am not sure if Lightsail has ACLs like VPCs have. Watch out for it and only allow the IP ranges mentioned by @sdayman.

Thank you both. I’ve set up the IP ranges and cleared my tracker.

Remove your VPN because it goes through the proxy.
If the bot bypasses Cloudflare, every time you go to your account change the API key. Please, please close all the settings on your computer that you are sharing. Close everything that is remote.

In the page rules, put your SSL Off.
It is a suggestion.
I experienced a man-in-the-middle attack by SSL.