Hi Xavier, Thanks for your feedback the firewall rule for the trusted IP is not fessiable for us because the application is open for public so we can not work through IP banning. > Vijayant Kumar wrote: >> Hi Group, >> >> I need some feedback on solr security. >> >> For Making by solr admin password protected, >> I had used the Path Based Authentication form >> http://wiki.apache.org/solr/SolrSecurity. >> >> In this way my admin area,search,delete,add to index is protected.But >> Now >> when I make solr authenticated then for every update/delete from the >> fornt >> end is blocked without authentication. >> >> I do not need this authentication from the front end so I simply pass >> the >> username and password to the solr in my fornt end scripts and it is >> working fine. I had done it in the below way. >> >> http://username:passw...@localhost:8983/solr/admin/update >> I need your suggestion and feed back on the above method.Is it fessiable >> method and secure? TO over come from this issue is there any alternate >> method? > Hey, > > there is at least another solution. You can set a firewall rule that > allow connections to the Solr's port only from trusted IPs. >
-- Thank you, Vijayant Kumar Software Engineer Website Toolbox Inc. http://www.websitetoolbox.com 1-800-921-7803 x211
