Limiting IPs with ACL rules in AWS

There are two IP addresses (172.31.42.243 and 172.31.19.188) that are hitting my site in AWS (Beanstalk hosted) repeatedly with garbage requests.

I have tried to block them using ACL deny rules. If I add only one I'm still able to hit my site. If I add both then I'm not able to hit my site.

Both the deny rules are using /32 for the CIDR notation and the deny rules I added are lower numbers than the default allow all rule. What am I doing wrong?

Solution

Those aren't the IP addresses of the machines that are attacking you; those are the internal IP addresses of your ELB. That's also why you can't access your site after blocking them - no one can!

You need to look at the access logs on the ELB, not on your application server, to determine which IP address(es) are attacking you. You can configure access logging on your ELB on the "Description" tab, under "Attributes".

How to create a size condition using AWS dynamodb-mapper-js
Unable to read text file in Glue job
Lambda Provisioned Concurrency showing 0 available. But I'm not using any
How to use AWS Secret Manger in JavaScript file hosted on ECS container
Creating a schedule expression for eventbridge using terraform
AWS RDS restoring snapshot with upgraded engine version giving error
Error with not existing instance profile while trying to get a django project running on AWS Beanstalk
Timeout when trying to retrieve EC2 instance-id metadata from within it
Lease table is not updated when new shards are added causing stale workers in KCL
libsndfile.so.1: cannot open shared object file: No such file or directory
Why does ECS binpack strategy on memory always scale up a new EC2 instance despite available resources?
How to pull every single image (tag or untagged) from AWS ECR?
In CloudFormation how can I link RDS and Secrets Manager so I don't have to hardcode the password?
Renaming AWS GraphQL Schema Types
How to install postgresql-client to Amazon EC2 Linux machine?
PyCharm: Why "Python Console" is not accessing ~\.aws\credentials file? How to set it within "Python Console"
Is it possible to run aws s3 sync with boto3?
Python 3 asyncio with aioboto3 seems sequential
Serverless / AWS Lambda - Create the triggers for the published lambda versions
AWS Glue missing permissions
Invoking lambda from API gateway test, but hitting the endpoint does not invoke the lambda. 500 returned
terraform destroy needs original terraform code to destroy?
AWS CDK Change S3 deployment folder lifecycle time
How to correctly/safely access parameters from AWS SSM Parameter store for my Python script on EC2 instance?
Why is my image not displaying on my Web page?
How to copy blobs from azure to aws using python?
S3 Bucket action doesn't apply to any resources
Couldn't proceed with upgrade process as new nodes are not joining node group standard-workers
How to customize "From" name for SNS emails
Changing the name of a Load Balancer on AWS Console