You are facing a very serious issue. You can easily solve the problem that
is occurring in Elasticsearch, but the bigger problem that you are
experiencing is that your server is exposed to the world.
What is happening is that someone is scanning your system for known
vulnerabilities. When these scans execute a PUT request, it is creating a
document as a consequence. You can disable this behavior by setting
action.auto_create_index to false. [1]
That said, your Elasticsearch server is still accessible to anyone over the
internet. It should be placed behind a firewall, or at the very least
behind a proxy like nginx or even node.js. I do not think your system can
be compromised by having a public Elasticsearch server, but your data will
be.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.