Update 'Install_Configure_ElasticSearch'

Kaimbacher 2022-07-01 09:24:03 +00:00
parent 4fa14fffce
commit dcd6e1d8d7

@ -57,3 +57,30 @@ Let's create a new file called 'memory.options' in the 'jvm.options.d' directory
`sudo systemctl restart elasticsearch`
# Step 3- Securing ElasticSearch
By default, Elasticsearch can be controlled by anyone who can access the HTTP API. This is not always a security risk because Elasticsearch listens only on the loopback interface (that is, 127.0.0.1), which can only be accessed locally. Thus, no public access is possible and as long as all server users are trusted, security may not be a major concern.
If you need to allow remote access to the HTTP API, you can limit the network exposure with Ubuntus default firewall, UFW.
We will now configure the firewall to allow access to the default Elasticsearch HTTP API port (TCP 9200) for the trusted remote host, generally the server you are using in a single-server setup, such as 172.16.4.48. To allow access, type the following command:
`sudo ufw allow from 172.16.4.48 to any port 9200`
Once that is complete, you can enable UFW with the command:\
`sudo ufw enable`
Finally, check the status of UFW with the following command:\
`sudo ufw status`
If you have specified the rules correctly, you should receive output like this:
``` bash
Output
Status: active
To Action From
-- ------ ----
9200 ALLOW 198.51.100.0
...
```