jerry_sjtu
Reputation: 5456
How to disable elasticsearch http module?
The default value of "http.enabled" option in elasticsearch's configuration file is true which means that we can search and admin the cluster from http command, for example:DELETE /index_* request can delete all indexes. But this is not safe when deployment the service to the production environment. How can I fix this problem?
Upvotes: 0
Views: 724
Answers (1)
Olly Cruickshank
Reputation: 6180
You can either implement shield - this is free if you are paying for one of the Elasticsearch support packages.
Or implement a reverse proxy which checks each request and the user running the request, for example nginx.
Upvotes: 1
Related Questions
- How to turn off elasticsearch modules during startup?
- Disable/Hide Elastic search default endpoint access from browser
- How to remove Elasticsearch from Ubuntu?
- Disable reactive Elasticsearch client
- How to disable the Elasticsearch "homepage" ("You Know, for Search")
- Spring Boot - Disable embedded ElasticSearch without removing code or changing POM
- How to disable elasticsearch 5.0 authentication?
- How to remove elasticsearch?
- Turn off embedded Elasticsearch in Spring Boot test
- How disable remote access in elasticsearch