Hi, If like most people you have application server(s) in front of solr, the simplest and most secure option is to bind solr to a local address (192.168.* or 10.0.0.*). The app server talks to solr via the local (a.k.a blackhole) ip address that no-one from outside can ever access as it's not routable.
Plus you then don't need to employ authentication which can slow down responses as you're ONLY employing access control.This is what we do for access to 5 solr servers. Cheers, Dan On Wed, Sep 5, 2012 at 10:51 AM, Paul Codman <snoozes...@gmail.com> wrote: > First time Solr user and I am loving it! I have a standard Solr 4 set up > running under Jetty. The instructions in the Wiki do not seem to apply to > Solr 4 (eg mortbay references / section to uncomment not present in xml > file / etc) - could someone please advise on steps required to secure Solr > 4 and can someone confirm that security operates in relation to new Admin > interface. Thanks in advance.
