
Noob question: how do we ensure that the full query interface of Elasticsearch isn't exposed to browsers?

PS: I'm using Elasticsearch in the backend.



You could proxy using nginx to allow read-only access to specific endpoints. There are a few good posts about it that go into better detail than me, for example:

http://blog.eagerelk.com/securing-elasticsearch-using-nginx-...


We proxy the Elasticsearch connection through the server and sanitize the request. Some installations also add more filters, like a permissions filter.

In future releases, we're going to improve on this. Stay tuned!


http://docs.searchkit.co/stable/docs/server/searchkit_expres...

We ship a Node.js proxy to hide your elastic instance, and you can add permission filters etc.
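
The sanitize-and-filter step the replies above describe, written out as an added example; it is not Searchkit's code and not from any commenter. The index name `products`, the `allowed_groups` field, the allowed key list and the size cap are all assumptions.

```javascript
// Added example, not Searchkit's code. Index, field name and limits are assumptions.
const ALLOWED_INDEX = "products";              // hypothetical index
const PERMISSION_FIELD = "allowed_groups";     // hypothetical document field
const MAX_SIZE = 100;
const ALLOWED_TOP_KEYS = new Set(["query", "from", "size", "sort", "aggs", "_source"]);
// Keys that enable scripting. Matching by key name is deliberately conservative:
// it also rejects a query on a document field that happens to be named "script".
const BLOCKED_KEYS = new Set(["script", "script_fields", "script_score", "runtime_mappings"]);

// Walk the whole body and return the first blocked key found, or null.
function findBlockedKey(node) {
  if (node === null || typeof node !== "object") return null;
  for (const [key, value] of Object.entries(node)) {
    if (!Array.isArray(node) && BLOCKED_KEYS.has(key)) return key;
    const hit = findBlockedKey(value);
    if (hit) return hit;
  }
  return null;
}

function reject(status, reason) {
  return { ok: false, status, reason };
}

// `path` is the URL path without its query string; `user` comes from the
// server-side session, never from the request body.
function sanitizeSearchRequest(method, path, body, user) {
  if (method !== "POST" || path !== `/${ALLOWED_INDEX}/_search`) {
    return reject(403, "endpoint not allowed");
  }
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return reject(400, "body must be a JSON object");
  }
  const unknown = Object.keys(body).find((k) => !ALLOWED_TOP_KEYS.has(k));
  if (unknown) return reject(400, `key not allowed: ${unknown}`);
  const blocked = findBlockedKey(body);
  if (blocked) return reject(400, `key not allowed: ${blocked}`);

  const groups = user && Array.isArray(user.groups) ? user.groups : [];
  const size = Number.isInteger(body.size) ? Math.min(Math.max(body.size, 0), MAX_SIZE) : 10;
  // Permission filter: the client's query becomes one clause of a bool query
  // whose filter is set by the server, so the client cannot remove it.
  const query = {
    bool: {
      must: [body.query || { match_all: {} }],
      filter: [{ terms: { [PERMISSION_FIELD]: groups } }],
    },
  };
  return { ok: true, path, body: { ...body, query, size } };
}
```

The proxy forwards `result.body` to Elasticsearch only when `result.ok` is true, and returns `result.status` to the browser otherwise.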



