It would be very kind if an expert could help me. I am trying to set up (for a non-profit project) the Elastic Stack:
Is a default APM Server installation (from the official Docker image), as described here: https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html, secure by default when port 8200 is publicly exposed? I have it running with TLS, but am very afraid I missed something.
By secure I mean that no one can retrieve any data. As described in the documentation, port 8200 needs to be publicly accessible from my React app (RUM agent), and as React apps cannot contain any secrets, there is no way to really protect access to port 8200. I am aware of the attack vector of someone sending arbitrary data. But I was not able to find any information on whether port 8200 might in some way also allow querying data and might need to be specially configured to only allow data in, not out.
Furthermore, is the APM Server protected from invalid data input from an attacker (or do I somehow have to implement a further input-sanitization layer/proxy, or have to configure this somehow)?
Any advice on how to secure the APM Server port 8200 would be very much appreciated. Thanks very much!