Reputation: 103
I built a simple web interface with a search box where users can type queries. However, I want to block users from seeing or directly accessing port 9200, which ES listens on, so that no user can retrieve information from ES without going through the interface, or modify the index in any way, through the interface or not. Right now, when I type localhost:9200 or 127.0.0.1:9200, I can see the entire ES indices, e.g., http://localhost:9200/_cat/indices?v. Any suggestions on how to do it?
Upvotes: 0
Views: 1433
Reputation: 3502
If other users have access to localhost, the only remaining option is to use Shield, the ES application for protecting the cluster.
But if you can limit the access to ES that is not from localhost, you can bind ES only to localhost or use a firewall to restrict access to port 9200:
In /etc/elasticsearch/elasticsearch.yml:
network.bind_host: 127.0.0.1
OR
iptables -A INPUT -p tcp ! -s 127.0.0.1 --dport 9200 -j DROP
Upvotes: 0
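One way to check that either option in the answer above took effect, as an added example that is not part of the original answer: the function reads `ss -ltn` style output and prints every listener on the given port that is not bound to a loopback address. The function name and the sample socket listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: list listeners on a port that are NOT bound to loopback.
# Input on stdin: `ss -ltn` output (columns: State Recv-Q Send-Q Local Peer).
# Live use on the ES host:  ss -ltn | exposed_listeners 9200

exposed_listeners() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4
            # Split host and port on the last colon so [::1]:9200 parses too.
            pos = match(addr, /:[0-9]+$/)
            if (pos == 0) next
            host = substr(addr, 1, pos - 1)
            if (substr(addr, pos + 1) != port) next
            # Loopback binds are what network.bind_host: 127.0.0.1 produces.
            if (host ~ /^127\./ || host == "[::1]" || host == "[::ffff:127.0.0.1]") next
            print addr
        }'
}

# Constructed sample: ES bound to loopback only (the desired state).
SAMPLE_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:9200     0.0.0.0:*
LISTEN 0      128    [::1]:9200         [::]:*'

# Constructed sample: ES reachable on every interface, plus an unrelated port.
SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:9200       0.0.0.0:*
LISTEN 0      128    127.0.0.1:9300     0.0.0.0:*
LISTEN 0      128    *:9200             *:*'

for name in LOOPBACK EXPOSED; do
    eval "data=\$SAMPLE_$name"
    found=$(printf '%s\n' "$data" | exposed_listeners 9200)
    if [ -n "$found" ]; then
        printf '%s: port 9200 reachable beyond loopback:\n%s\n' "$name" "$found"
    else
        printf '%s: port 9200 is loopback-only\n' "$name"
    fi
done
```

A loopback-only listing confirms the bind setting; the iptables rule does not change what `ss` shows, so that option has to be confirmed by connecting to port 9200 from another host.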