IP filtering on Elastic Search 5.2.2


(ref: https://www.elastic.co/guide/en/x-pack/5.2/ip-filtering.html)
I was trying to implement IP filtering using X-Pack, so I have installed X-Pack on elastic search and I wanted to restrict localhost using following yml configuration, but I am able to access elastic search using http url:

xpack.security.enabled: true
xpack.security.http.filter.enabled: true
xpack.security.http.filter.deny: ["1XX.2XX.219.122", "localhost",""]

Am I missing anything please let me know.

Amit Sinha.

The note at the bottom of that page says:

In order to avoid locking yourself out of the cluster, the default bound transport address will never be denied. This means you can always SSH into a system and use curl to apply changes.

It is intentionally not possible to block the local machine with IP filtering.

Thank You.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.