remove random indexesremove random indexesHello!

I have an elasticsearch 5.6 in centOS 7 and it is behaving unexpectedly. Random indexes are being created. I am not able to identify the origin and apply a configuration that can block/remove these indexes.

Example:
curl -XGET HOST:9200/_cat/indices
#output:
index.action
index.cfm
index.html
index.cgi
index.do
index.htm
index.aspx
index.asp
index.jsp
index.py
index.pl
index.php

I can temporarily fix it like this:

Delete unmapped indexes:

curl -X DELETE "HOST:9200/index.*

configuring number of replicas:

curl -X PUT -H 'Content-Type: application/json' 'HOST:9200/_settings' -d '{"number_of_replicas":0}'

How can we resolve this? Is there a way to configure it in a file?

elasticsearch 5.6 is EOL and no longer supported. Please upgrade ASAP.

(This is an automated response from your friendly Elastic bot. Please report this post if you have any suggestions or concerns )

This typically indicates that your cluster does not have any security enabled and is accessible either from the internet or some internal vulnerability scanning tool.

The version you are running is very old and EOL, so I would recommend upgrading to the latest version where basic security is available out of the box. Enabling security would resolve this issue.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.