Elasticsearch IP restriction using NGINX

Hi,

I have an Elasticsearch instance running on my Linux server at xxx.xxx.1.75:9201.

I have installed and configured NGINX on another server, xxx.xx.1.89, and set up the proxy for Elasticsearch to run on port 5001, i.e. it is accessible from xxx.xxx.1.89:5001.

But when I try to access Elasticsearch directly at xxx.xxx.1.75:9201 it works fine too, which I don't want to happen.

I want to restrict access to the Elasticsearch cluster to the NGINX reverse proxy server only, i.e. xxx.xx.1.89:5001, and not directly via xxx.xx.1.75:9201.

Please help me to solve this.

thanks.

Can you describe more about your environment? For example, whether it is in the cloud or on on-premise infrastructure.

If you are on a cloud like AWS, GCE or Azure, you can restrict the data layer (ES) using security groups so that it is accessible only from the nginx host, which will be your public-facing server.

I am not sure whether you can do it on-premise with no access to a firewall. If you can run nginx on the same instance where ES is installed, you can make Elasticsearch listen on localhost instead of the IP and point the nginx proxy at 127.0.0.1:9201 instead, which will allow only nginx to talk to Elasticsearch.

--
Niraj

My environment is an on-premise environment.

Is there any way to change the elasticsearch.yml file (by changing "http.host") so that Elasticsearch is restricted to the nginx on the other server?

I previously tried http.host: 127.0.0.1 in elasticsearch.yml and configured 127.0.0.1:9001 in nginx.conf, and it worked fine.

The only thing I want to do is to access this Elasticsearch from the nginx reverse proxy on the other server.

Help me solve this.

thanks

Well, you can try an iptables trick, something like this.

iptables -A INPUT -p tcp --dport 22 -s YourIP -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP

Replace port 22 with the Elasticsearch port and YourIP with the IP of nginx.

I used the command:

sudo firewall-cmd --zone=trusted --add-source=xxx.xx.1.75

to allow the traffic from Elasticsearch to the NGINX server on xxx.xx.1.89.

And I tried to access it through nginx by specifying it in nginx.conf.

It still shows a 502 Bad Gateway error.

Did you try telnetting from the nginx server to check whether nginx can talk to that port? Also try it from a different system to check whether the firewall actually worked.
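The iptables trick above and the telnet check, put together as an added example (this is not code from the thread or from Elastic). The rules belong on the Elasticsearch host (xxx.xx.1.75 in the question) and allow only the nginx host (xxx.xx.1.89); the sample values 9201 and 10.0.1.89 below are constructed placeholders. The ACCEPT rules must come before the DROP, as in the answer; a firewalld rich rule is printed as well since the question uses firewall-cmd. The probe_port function does the same thing as the suggested telnet test (run it once from the nginx host, where it should succeed, and once from any other machine, where it should fail after the rules are applied); it assumes bash and coreutils timeout are installed.

```shell
#!/bin/sh
# Added example: print host-firewall rules that expose the Elasticsearch HTTP
# port only to the nginx reverse proxy, plus a TCP reachability probe.
# Assumptions: ES listens on TCP <es_port> on the host where the rules are
# applied; <nginx_ip> is the reverse proxy's IPv4 address (both are arguments).
set -eu

# Accept a dotted-quad IPv4 address only, so a typo cannot turn the
# "allow nginx" rule into something broader than intended.
valid_ipv4() {
  ip=$1
  case $ip in
    ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  oldifs=$IFS; IFS=.
  set -- $ip
  IFS=$oldifs
  [ "$#" -eq 4 ] || return 1
  for o in "$@"; do
    [ "$o" -le 255 ] || return 1
  done
}

# iptables rules for the ES host. Order matters: ACCEPT for the nginx host
# (and loopback, so local curl/health checks keep working) before the DROP.
# -A appends, so these are only effective if no earlier catch-all ACCEPT for
# the port exists in INPUT; they are also not persistent across reboots
# (use iptables-save or your distro's mechanism to keep them).
iptables_rules() {
  es_port=$1; nginx_ip=$2
  valid_ipv4 "$nginx_ip" || { echo "invalid nginx IP: $nginx_ip" >&2; return 1; }
  printf 'iptables -A INPUT -p tcp --dport %s -s %s -j ACCEPT\n' "$es_port" "$nginx_ip"
  printf 'iptables -A INPUT -p tcp --dport %s -i lo -j ACCEPT\n' "$es_port"
  printf 'iptables -A INPUT -p tcp --dport %s -j DROP\n' "$es_port"
}

# firewalld equivalent (CentOS/RHEL style, as used in the question): a rich
# rule that accepts the port from the nginx source only. The port must not
# also be opened zone-wide with --add-port, or the zone rule would let
# everyone in regardless of this source restriction.
firewalld_rules() {
  es_port=$1; nginx_ip=$2
  valid_ipv4 "$nginx_ip" || { echo "invalid nginx IP: $nginx_ip" >&2; return 1; }
  printf "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"%s\" port port=\"%s\" protocol=\"tcp\" accept'\n" "$nginx_ip" "$es_port"
  printf 'firewall-cmd --reload\n'
}

# Reachability probe, same idea as the telnet test: returns 0 if a TCP
# connection to host:port opens within the timeout, non-zero otherwise.
# Uses bash's /dev/tcp so no telnet or nc binary is needed.
probe_port() {
  host=$1; port=$2; secs=${3:-3}
  timeout "$secs" bash -c "exec 3<>/dev/tcp/$host/$port" 2>/dev/null
}

# Usage: sh es_firewall.sh <es_port> <nginx_ip>
# Prints the rules for review; pipe the chosen set to sh on the ES host.
if [ "$#" -ge 2 ]; then
  iptables_rules "$1" "$2"
  echo
  firewalld_rules "$1" "$2"
fi
```

After applying the rules on the Elasticsearch host, `probe_port xxx.xx.1.75 9201` should succeed from the nginx host and fail from any other machine; if it fails from the nginx host too, the 502 from nginx is a connectivity problem rather than an nginx configuration one.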

Thank you very much for the assistance.

I followed your suggestions and resolved the issue.

Glad it worked for you.
