janhoy commented on issue #1058: SOLR-13972: Warn about insecure settings on startup URL: https://github.com/apache/lucene-solr/pull/1058#issuecomment-562897261 Well, if you just download and run Solr without specifying `SOLR_HOST` (or `-Dhost=x`) then earlier it would bind to ALL interfaces and you'd be able to connect to Solr from a 192.x.x.x or 10.x.x.x network or even from a public IP. With [SOLR-13985](https://issues.apache.org/jira/browse/SOLR-13985), Solr will by default bind to 127.0.0.1, and only if you install, say, a proxy software like Nginx on the Solr host would you be able to connect from the outside. If we remove the noise from logs in localhost (dev) mode, it would give a more welcoming first-use experience and we could allow ourselves to be even more aggressive when *not* in localhost-mode. We could flood the AdminUI with warnings, we could fail to start Solr at all if no security configured, with the need for a `-Di.am.a.fool.to.run.solr.without.security=true` option to override. That would trigger some healthy discussions in various IT depts :)
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
