I have not protected elasticsearch, so someone hacked it, left new index with contents where to transfer bitcoins. Data I can regenerate, the questions is how can I get rid of that. Accessing the indices directly works, but search scripts return http code 400 when I do curl requests with php. Any ideas?
I removed the folder and created index from the beginning. It did not fix anything.