[
https://issues.apache.org/jira/browse/TS-766?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Leif Hedstrom updated TS-766:
-----------------------------
Fix Version/s: 3.1
Moving this out to v3.1, it's a good suggestion, I just don't think anyone has
the time to fix this for v3.0. If security is a concern, and you need
clustering, the only suggestion I have is to do ACLs of some sort (e.g.
iptables or other firewall rules, which ought to be easy to setup).
> Authenticate access to cluster command port
> -------------------------------------------
>
> Key: TS-766
> URL: https://issues.apache.org/jira/browse/TS-766
> Project: Traffic Server
> Issue Type: Improvement
> Components: Clustering, Network
> Affects Versions: 2.1.8
> Reporter: Arno Toell
> Labels: security
> Fix For: 3.1
>
>
> Similar to TS-765, the cluster RPC interface should not be reachable by
> everyone. Instead some kind of peer authentication should apply. When
> clustering is enabled, please authenticate and/or restrict access to the RPC
> interface in a way only trusted peers are allowed to control the server.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
