lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Della Bitta <michael.della.bi...@appinions.com>
Subject Re: .htaccess / password
Date Tue, 06 Jan 2015 21:11:45 GMT
The Jetty servlet container that Solr uses doesn't understand those 
files. It would not use them to determine access, and would likely make 
them accessible to web requests in plain text.

On 1/6/15 16:01, Craig Hoffman wrote:
> Thanks Otis. Do think a .htaccess / .passwd file in the Solr admin dir would interfere
with its operation?
> --
> Craig Hoffman
> w: http://www.craighoffmanphotography.com
> FB: www.facebook.com/CraigHoffmanPhotography
> TW: https://twitter.com/craiglhoffman
>
>
>
>
>
>
>
>
>
>
>
>
>
>> On Jan 6, 2015, at 1:09 PM, Otis Gospodnetic <otis.gospodnetic@gmail.com> wrote:
>>
>> Hi Craig,
>>
>> If you want to protect Solr, put it behind something like Apache / Nginx /
>> HAProxy and put .htaccess at that level, in front of Solr.
>> Or try something like
>> http://blog.jelastic.com/2013/06/17/secure-access-to-your-jetty-web-application/
>>
>> Otis
>> --
>> Monitoring * Alerting * Anomaly Detection * Centralized Log Management
>> Solr & Elasticsearch Support * http://sematext.com/
>>
>>
>> On Tue, Jan 6, 2015 at 1:28 PM, Craig Hoffman <choffman@eclimb.net> wrote:
>>
>>> Quick question: If put a .htaccess file in www.mydomin.com/8983/solr/#/
>>> will Solr continue to function properly? One thing to note, I will have a
>>> CRON job that runs nightly that re-indexes the engine. In a nutshell I’m
>>> looking for a way to secure this area.
>>>
>>> Thanks,
>>> Craig
>>> --
>>> Craig Hoffman
>>> w: http://www.craighoffmanphotography.com
>>> FB: www.facebook.com/CraigHoffmanPhotography
>>> TW: https://twitter.com/craiglhoffman
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>


Mime
View raw message