0

We have a situation where we have a website, www.mamapedia.com which is accessible both by the ALB address and the Elastic IP's assigned to the ALB at any given time.

This is problematic and is causing problems. We have identified a site such that has our current Elastic IP's named and our ALB address named in their DNS records. We have also confirmed Google is indexing their site and ours together, impacting our results. For example we can see our pages in Google results with the title of the rogue site that has hardcoded our current Elastic IP address.

It seems to us there are two ways of dealing with this:

  1. ALB + Dynamic IP's (our current setup) - Only allow access to our webservers via the domain name.

  2. ALB + Static IP's - Redirect the static IP's to our domain

We have currently configured on 1. above and are struggling with how to either:

  • Only allow our domain name to resolve to our site
  • Block IP's and ALB addresses (which can change) from resolving to our site

Can someone provide assistance with this?

Again to summarize because both our ALB address and IP"s can change dynamically we would like to only allow access to our site by Fully Qualified Domain.

Thanks in Advance,

Jake

Jacob Peebles
  • 3
  • 1

1 Answers1

0

ALB can perform a so called Host Based Routing. Create an empty target group, and define it as default route/listener. Create another target group containing your target, and add according host routing rules, which only contain your DNS names. I think you'll need one listener per host, but you can assign target groups multiple times.

This will cause that requests coming from another DNS name will not end up on your site.

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#host-conditions

hargut
  • 3,848
  • 6
  • 10