Several CLI Ways to Find Out Your Public IP Address
Need to know your public IP address? Use one of the following:
|
|
ip-address
Revoke and Grant Public IP Addresses to Amazon EC2 Instances Via AWS Command Line Interface (CLI)
If you work from place to place, such as from one coffee shop to another, and you need access to your Amazon EC2 instances, but you don’t want to allow traffics from all IP addresses. You can use the EC2 Security Groups to allow the IP addresses from those locations. But once you move on to a different location, you want to delete the IP address from the previous location. The process to do these manually and over and over again quickly becomes cumbersome. Here is a command line method that quickly removes all other locations and allows only the traffic from your current location.
The steps are:
- Revoke all existing sources to a particular port
- Grant access to the port only from the current IP address
Assume the following:
- Profile:
default - Security group:
mygroup - Protocol:
tcp - Port:
22
First, revoke access to the port from all IP addresses:
|
|
The aws ec2 describe-security-groups command before the first pipe returns JSON formatted data, filtered via JMESPath query, which is supported by AWS CLI, for example:
|
|
jq command simply converts an array of JSON to line by line strings, which xarg takes in, loops through and deletes one IP address at a time.
After this step, all IP addresses originally allowed are all revoked. Next step is to grant access to the port from a single IP address:
Update GitHub Pages Deprecated IP Addresses with Zone Apex Domain
Recently, I have received a warning email from GitHub:
GitHub Pages recently underwent some improvements (https://github.com/blog/1715-faster-more-awesome-github-pages) to make your site faster and more awesome, but we’ve noticed that realguess.net isn’t properly configured to take advantage of these new features. While your site will continue to work just fine, updating your domain’s configuration offers some additional speed and performance benefits. Instructions on updating your site’s IP address can be found at https://help.github.com/articles/setting-up-a-custom-domain-with-github-pages#step-2-configure-dns-records, and of course, you can always get in touch with a human at [email protected]. For the more technical minded folks who want to skip the help docs: your site’s DNS records are pointed to a deprecated IP address.
What are the improvements on GitHub Pages? Here are the two major improvements [1]:
- Pages are served via CDN (Content Delivery Network)
- DoS (Denial of Service) protection
But my site wasn’t properly configured to take advantage of speed and performance due to that the “DNS records are pointed to a deprecated IP address”.
What are the IP addresses that GitHub Pages uses before but have been deprecated now?
The domain realguess.net is an custom zone apex domain (also called bare, naked, or root domain). The domain blog.realguess.net is not a zone apex domain, but a subdomain. “A custom subdomain will not be affected by changes in the underlying IP addresses of GitHub’s servers.” [2] But, I am not using a subdomain. I have configured the zone apex domain to point to currently deprecated IP addresses. “If you are using an A record that points to 207.97.227.245 or 204.232.175.78, you will need to update your DNS settings, as we no longer serve Pages directly from those servers.” [3] So, these IP addresses are deprecated, and need to update the current DNS from:
|
|
to the new ones pointed by username.github.io:
|
|
And the new IP address are:
192.30.252.153
192.30.252.154
Using a subdomain is a better solution, so I don’t need to care about the changing GitHub Pages IP addresses in the future. But I don’t think the frequency of IP address updating is going to be very often. So, I will stick with my zone apex domain.