IP filtering on Elastic Search 5.2.2

eramitsinha · July 20, 2017, 9:13pm

Hi,

(ref: https://www.elastic.co/guide/en/x-pack/5.2/ip-filtering.html)
I was trying to implement IP filtering using X-Pack, so I have installed X-Pack on elastic search and I wanted to restrict localhost using following yml configuration, but I am able to access elastic search using http url:

yml:
xpack.security.enabled: true
xpack.security.http.filter.enabled: true
xpack.security.http.filter.deny: ["1XX.2XX.219.122", "localhost","127.0.0.1"]

Am I missing anything please let me know.

Thanks,
Amit Sinha.

TimV · July 21, 2017, 6:54am

The note at the bottom of that page says:

In order to avoid locking yourself out of the cluster, the default bound transport address will never be denied. This means you can always SSH into a system and use curl to apply changes.

It is intentionally not possible to block the local machine with IP filtering.

eramitsinha · July 21, 2017, 3:23pm

Thank You.

system · August 18, 2017, 3:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.