If you have a master slave configuration I guess it is a good idea to
remove the updatehandler altogether from slaves.
--Noble
On Sat, Jun 28, 2008 at 2:39 AM, Chris Hostetter
[EMAIL PROTECTED] wrote:
: A basic technique that can be used to mitigate the risk of a possible CSRF
: attack like
SOLR-607 is still open.Till it is committed this solution may not be poossible
--Noble
On Mon, Jun 30, 2008 at 10:23 AM, Noble Paul നോബിള് नोब्ळ्
[EMAIL PROTECTED] wrote:
If you have a master slave configuration I guess it is a good idea to
remove the updatehandler altogether from slaves.
On Fri, Jun 27, 2008 at 1:54 AM, Chris Hostetter
[EMAIL PROTECTED] wrote:
A basic technique that can be used to mitigate the risk of a possible CSRF
attack like this is to configure your Servlet Container so that access to
paths which can modify the index (ie: /update, /update/csv, etc...) are
Solr isn't normally concerned with Security related issues...
http://wiki.apache.org/solr/SolrSecurity
It is strongly recommended that the application server containing Solr
be firewalled such the only clients with access to Solr are your own.
A default/example installation of
