I know this's kinda a silly question. But how I can secure elasticsearch server in the front end view. For example, I have to collect the user's data in the front and, that being said, every time user clicks a button or write something, we send the post request including the the data to the elasticsearch server to process.
So go back to the question, how can I protect the server while it has to be public to be used.
Should I make and proxy between the two, or any suggestion?
Thanks for all the recommendations, but still, even I have an application/server in the middle, if the hacker gets the pattern of the request in frontend, they can easily make more request and spam our, like add more document into the database. And elastic can't help with that.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.