Reputation:
Solr; "rookie" question
I have a SolrPhpClient on my classifieds website, and whenever users wants to add/remove classified the index in Solr gets updated via Php code.
So I wonder, does this mean that my Solr index is open for anybody to alter with?
Same Q applies to the Solr Admin page. If I set a password for the admin page, does this mean that my classifieds website wont have access to updating/removing documents from the Solr index?
Thanks
Upvotes: 1
Views: 231
Answers (1)
Reputation: 6484
If your Solr instance is available to the public so that anyone can make an http connection to it, you are vulnerable.
Think of Solr as a back-end service (like your MySql database). You should prevent all public access to the Solr instance. You can run a firewall or do some IPTables magic to allow only your PHP application to connect to Solr (and obviously your administrator to connect to the admin interface).
Upvotes: 2
Related Questions
- Questions about SOLR documents and some more
- How do I optimize the solr indexing using mysql
- Database Design and Solr
- Indexing and searching MySQL with solr
- Searching using Solr
- SOLR and PHP help needed
- Which method of SOLR implementation should I use; 3 Questions?
- Question Regarding SolrFilter Query?
- Need help with small Solr problem
- SOLR getting started, little help