Skip to main content

lacework-global-149

Security group inbound traffic should not allow traffic except port 80 and 443

Description

It is typical to have external facing services that require access over ports 80 and 443. Any other access should be carefully evaluated from a security perspective.

Remediation

  1. Log in to the AWS Management Console.

  2. Select Services.

  3. Select EC2.

  4. From the left panel, select Security Groups.

  5. Select the security group to edit.

  6. Select Edit inbound rules.

  7. For each rule, restrict access to only the appropriate IP address range on port 80 or 443.

  8. Select Save rules.

Last updated on