Hello, this is my first post on Server Fault, so please feel free to edit/correct etiquette.
I am managing a server at work that we have hosted on AWS. Recently, it has fallen victim to a DDoS attack. Luckily, this is only a staging server (right now), but in the future, we plan to use an API on it on a production application.
Currently, I have stopped the attack by limiting access (via AWS security groups) to all IPs but my own, and the office. This has worked, but obviously will not work if people need to access this server in the future.
My ideal system would be: block all traffic that is not coming from our domain, the domain we host all products on. For example, if that domain was "company.com", we would like for all requests coming from some random IP or another domain. Is this possible via AWS?
If not, the server is Apache2 and Ubuntu, and we may decide to handle this problem in there. I'm not very strong in Apache though, so I'm hoping there is a good AWS solution.
Again, if there is a duplicate question to this, feel free to close this/point me to it, I just don't know exact terminology for a lot of these topics and hence it is hard to find the right questions. Thank you!
