Hi,
I'd like to expose Kibana + Elasticsearch publicly, since it's an easy
exploration tool for the data I'm storing in es. From browsing
the web and the mailing list, it looks like such a setup--while
discouraged--can still be done by using a reverse proxy in front of the
HTTP server of es. For example, however http://demo.kibana.org is
secured.
The steps I'm planning to take are:
- Use nginx proxy_pass for public HTTP
- Disable PUT/DELETE methods
- Disable POST on all but the _search endpoint for my index.
- Disable dynamic script execution in queries.
Is there anything else I need to do to ensure users can't
add/change/delete
the data or gain access to the machine through es?
(As an aside, does anybody have experience running elasticsearch on
VPSses
with 256-512MB of ram? Any tips to reduce memory usage?)
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/121f467ed631f7d1d2e10ca149172a7f%40hakase.org.
For more options, visit https://groups.google.com/groups/opt_out.
