lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl <>
Subject Re: Solr security
Date Mon, 09 May 2011 21:28:06 GMT

You can simply configure a firewall on your Solr server to only allow access from your frontend
server. Whether you use the built-in software firewall of Linux/Windows/Whatever or use some
other FW utility is a choice you need to make. This is by design - you should never ever expose
your backend services, whether it's a search server or a database server, to the public.

Read more about Solr security on the WIKI:

Jan Høydahl, search solution architect
Cominvent AS -

On 9. mai 2011, at 20.57, Brian Lamb wrote:

> Hi all,
> Is it possible to set up solr so that it will only execute dataimport
> commands if they come from localhost?
> Right now, my application and my solr installation are on different servers
> so any requests are formatted http://domain:8983 instead of
> http://localhost:8983. I am concerned that when I launch my application,
> there will be the potential for abuse. Is the best solution to have
> everything reside on the same server?
> What are some other solutions?
> Thanks,
> Brian Lamb

View raw message