IP filtering on Elastic Search 5.2.2

eramitsinha · July 20, 2017, 9:13pm

Hi,

(ref: https://www.elastic.co/guide/en/x-pack/5.2/ip-filtering.html)
I was trying to implement IP filtering using X-Pack, so I have installed X-Pack on elastic search and I wanted to restrict localhost using following yml configuration, but I am able to access elastic search using http url:

yml:
xpack.security.enabled: true
xpack.security.http.filter.enabled: true
xpack.security.http.filter.deny: ["1XX.2XX.219.122", "localhost","127.0.0.1"]

Am I missing anything please let me know.

Thanks,
Amit Sinha.

TimV · July 21, 2017, 6:54am

The note at the bottom of that page says:

In order to avoid locking yourself out of the cluster, the default bound transport address will never be denied. This means you can always SSH into a system and use curl to apply changes.

It is intentionally not possible to block the local machine with IP filtering.

eramitsinha · July 21, 2017, 3:23pm

Thank You.

system · August 18, 2017, 3:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Ip filtering on elastic cloud Endpoint Security	2	664	March 3, 2020
Elasticsearch IP Filtering Not Working Elasticsearch elastic-stack-security	2	887	July 29, 2020
Per/Node Ip FIlters in Cluster Settings Elasticsearch	4	425	December 4, 2019
Ip-filtering Elasticsearch	6	1319	May 20, 2018
Does ES security settings "xpack.security.transport.filter.allow" conflict with eBPF program? Elasticsearch elastic-stack-security	1	139	August 28, 2023

IP filtering on Elastic Search 5.2.2

Related topics