Dear Jochen,

Thank you for your answer.

Dear Dennis,

It's not really a big matter as the APIs require authentication. Though we don't use the API from the public network, so it's good to hide it and prevent any DDoS just in case :P

Thank you.

Eric

On Thu, Apr 21, 2016 at 7:05 PM, Dennis Oelkers <[email protected]> wrote:

> Hey Eric,
>
> regarding point 3: what are your exact security concerns about exposing the REST API?
>
> Kind regards,
> D.
>
> --
> Tel.: +49 (0)40 609 452 077
> Fax.: +49 (0)40 609 452 078
>
> TORCH GmbH - A Graylog company
> Steckelhörn 11
> 20457 Hamburg
> Germany
>
> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
> Geschäftsführer: Lennart Koopmann (CEO)
>
> On 21.04.2016, at 09:03, [email protected] wrote:
>
> > Dear Graylog community support / users,
> >
> > I have been using Graylog since 1.2 and it's working great.
> >
> > I just discovered a change to a health check in Graylog's web interface that just might cause problems.
> > It's known and normal that Graylog's web service detects the server node(s)' health with the API through TCP 12900.
> >
> > However, I noticed an issue in Graylog 2.
> > When I am trying out Graylog 2 (Alpha and Beta), the web UI automatically calls TCP 12900 (the API port) on the client side using the public address.
> > That is, from the developer mode of the browser, I can see a URL call to http://<graylog web service hostname>:12900/system/cluster/node. This causes the following issues:
> >
> > 1) With the default configuration, such a check listens on the private IP of the server. So when deploying Graylog to the internet, the check fails. (Unless we access the website through a VPN IP or update rest_transport_uri in /opt/graylog/conf/graylog.conf)
> > 2) The health check should probably be done in the background on the server (i.e. like Graylog 1.2, 1.3... the checking will not be exposed to the client side / browser)
> > 3) We need to expose TCP 12900 of the web service to the public; a security concern arises as the API port would be facing the public internet as well
> >
> > Thank you.
> >
> > Eric
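The issue Eric reports in point 1 is that the browser is handed whatever address the node advertises, so a `rest_transport_uri` left at its default (the node's private IP) breaks the check for internet clients. The following is an added example, not code from the thread or from the Graylog project: a small pre-deployment check that reads a graylog.conf fragment and classifies the advertised REST URI; the config fragments are constructed, and the "unset means private IP" rule is taken from the thread's description rather than from Graylog's source.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed graylog.conf fragments for the example (not from a real deployment).
CONF_UNSET = """
rest_listen_uri = http://127.0.0.1:12900/
web_listen_uri = http://0.0.0.0:9000/
"""
CONF_PRIVATE = CONF_UNSET + "rest_transport_uri = http://10.0.0.5:12900/\n"
CONF_HOSTNAME = CONF_UNSET + "rest_transport_uri = https://graylog.example.com:12900/\n"

# Matches "rest_transport_uri = <value>" at the start of a line; '#' comments do not match.
KEY_RE = re.compile(r"^\s*rest_transport_uri\s*=\s*(\S+)", re.MULTILINE)


def classify_rest_transport_uri(conf_text):
    """Return (status, uri) describing what the Graylog 2 web UI would hand to browsers.

    Statuses:
      'unset'    - key missing; per the thread, the node's private IP gets advertised
                   and the browser-side call to :12900/system/cluster/node fails
      'private'  - literal loopback / RFC 1918 / link-local address; same failure
      'public'   - literal public address; reachable, so the API is internet-facing
      'hostname' - DNS name; reachable wherever it resolves (e.g. only over VPN)
    """
    match = KEY_RE.search(conf_text)
    if not match:
        return "unset", None
    uri = match.group(1)
    host = urlsplit(uri).hostname
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Not a literal IP, so it is a hostname.
        return "hostname", uri
    if addr.is_private or addr.is_loopback or addr.is_link_local or addr.is_unspecified:
        return "private", uri
    return "public", uri


if __name__ == "__main__":
    for label, conf in (("unset", CONF_UNSET), ("private", CONF_PRIVATE), ("hostname", CONF_HOSTNAME)):
        print(label, "->", classify_rest_transport_uri(conf))
```

A 'public' or 'hostname' result is the case Dennis and Eric discuss: the API port is reachable by every browser user, so the check only tells you that the UI will work, not that exposing the API is acceptable.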
