I have an AWS Lightsail instance running WordPress. It is getting pounded with hits from Chinese IP addresses - and they keep changing IPs. I started making hundreds of iptables rules but am giving up as this is clearly the wrong approach.
I discovered the AWS WAF service, and created an ACL which drops traffic from China. And the WAF is in the same region as my Lightsail instance.
Great. But it's not doing anything...still getting hit. I can't figure out how (or IF) I connect my Lightsail traffic to the WAF. Is it even possible?
I don't need a load balancer, nor CloudFront, nor do I have a gateway (I think). This setup is really simple...
AWS WAF will not work in your use case unless you use an Application Load Balancer.
If you're not using one of these technologies AWS WAF will not work for you.
I understand you do not want to use an Application Load Balancer but Lightsail does support it. If you were to use it then you could use AWS WAF.
References
Lightsail with other AWS Services
AWS WAF FAQ
I am in the same situation as TSG. We are hosting a site in the Ohio east-2 region. But I figured I can't use WAF directly for Lightsail, so I created a CloudFront. But I still could not get it to work. Any advice here?