A company runs an application behind an Application Load Balancer (ALB). A security engineer has noticed many suspicious HTTP requests hitting the ALB. There is an Amazon CloudFront distribution in front of the ALB. Users are reporting performance problems. A security engineer discovers that the website is receiving a high rate of unwanted requests to the CloudFront distribution originating from a series of source IP addresses. How should the security engineer address this problem with the LEAST effort?