I mean assuming that you want to open SSH you are going to need to secure that e... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jiggy2011 on Dec 19, 2012 \| parent \| context \| favorite \| on: AWS: the good, the bad and the ugly I mean assuming that you want to open SSH you are going to need to secure that either using keys or fail2ban. If you have a web server you might need mod_security (or does AWS reverse proxy everything?). If you want remote database access you need to configure that too. Does AWS provide easier tools for that stuff? Because you can't really cover it with a general firewall.

ceejayoz on Dec 19, 2012 [–]

The only things exposed on our VPC are an Amazon ELB and a well-secured SSH bastion host (keys only, EC2 instances have password login disabled by default) for getting into the private cloud.

No reason you can't run stuff like mod_security, but that's not strictly a firewall, just Apache setup.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact