Allowing remote access to Elasticsearch

python security lucene debian elasticsearch
15,196

Solution 1

When elasticsearch is installed and run without any configuration changes by default it binds to localhost only. To access the elasticsearch REST API endpoint remotely the below changes has to be made on the server where elasticsearch has been installed.

  • Elasticsearch Configuration Change Update the network.host property in elasticsearch.yml as per the guidelines provided in the elasticsearch documentation For example to bind to all IPv4 addresses on the local machine, change as below network.host : 0.0.0.0

  • Firewall Rules Update Update the Linux firewall to allow access to port 9200. Please refer your Linux documentation for adding rules to the firewall.

For example to allow access to all the servers(public) in CentosOS use the firewall-cmd

sudo firewall-cmd --zone=public --permanent --add-port=9200/tcp
sudo firewall-cmd --reload

Note : In production environment public access is discouraged. A restricted access should be preferred.

Solution 2

In config/elasticsearch.yml, put network.host: 0.0.0.0. And also add Inbound Rule in firewall for your ElasticSearch port(9200 ByDefault). It worked in ElasticSearch version 2.3.0

Solution 3

Edit: As Sisso mentions in his comment below, Elasticsearch as of 2.0 at least binds to localhost by default. See https://www.elastic.co/guide/en/elasticsearch/reference/2.0/modules-network.html for more information.

As Damien mentions in his answer, by default ES allows all access to port 9200. In fact, you need to use external tools to provide authentication to the ES resource - something like a webapp frontend or just simple nginx with Basic Auth turned on.

Things that can prevent you from accessing a remote system (you probably know these):

  • network configuration problems
  • ES host firewall blocks incoming requests on port 9200
  • remote host firewall blocks outgoing requests to ES host and/or port 9200
  • ES is configured to bind to the wrong IP address (by default however, it binds to all available IPs)

Best guess? Check that you can connect from remote host to ES host, then check firewall on both systems. If you can't diagnose further, maybe someone on the ES mailing list (https://groups.google.com/forum/#!forum/elasticsearch) or IRC channel (#elasticsearch on Freenode) can help.

Solution 4

To allow remote access with one default node, settings\elasticsearch.yml should have:

network.host: 0.0.0.0
http.port: 9200

My case I need three instances. For each instance, it's necessary declare also the port range used. 

network.host: 0.0.0.0
http.port: 9200-9202

Solution 5

There is no restriction by default, ElasticSearch expose a standard HTTP API on the port 9200.

From your third party server, are you able to: curl http://es_hostname:9200/?

Share:
15,196
Jimmy
Author by

Jimmy

Updated on June 04, 2022

Comments

  • Jimmy
    Jimmy almost 2 years

    I have a default installation of Elasticsearch which I am trying to query from a third party server. However, it seems that by default this is blocked.

    Is anyone please able to tell me how I can configure Elasticsearch so that I can query it from a different server?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Escaping special characters in elasticsearch
Kali Linux (Debian) can't install pip.py
Elastic Search Lucene version error
Elasticsearch field name aliasing
How to start/kill application with python script?
Does my code prevent directory traversal?
How to list all openssl ciphers available in statically linked python releases?
Slow index speed of Elasticsearch
Daemonizing a python script in debian using virtualenv
How to increase the max_result_window in elasticsearch using a python script?