Restricting Elastic Cluster Access From Browser and unwanted Servers

We have a 5 Node Cluster with 3 Master Nodes, 3 Coord nodes and 6 Data Nodes.
Currently we can view the content of the Elastic cluster via browser using the URL http://hostname:9200/_cat/nodes. We want access from the browser and from unwanted servers to be restricted, allowing only the set of servers [forming the cluster] and the App servers making calls to Elastic.

To achieve the above scenario, I have updated the following parameters in the elastic.yaml [in Master-1/Master-2/Master-3], and after updating the elastic.yml the service isn't starting up. Please assist me if I am missing something or if any additional steps have to be performed.

xpack.security.enabled: trye
xpack.security.transport.filter.allow: [ "Hostname1", "Hostname2", "Hostname3", "Hostname n" ]
xpack.security.transport.filter.deny: _all

Note: The above 3 are the only config related to security in the elastic.yml.

Also, please let me know if the security-related config has to be updated on all nodes [all Masters, all Co-ords and all Data nodes].

Why is it not starting? What do you have in the logs? What nodes did you put in the allow option? You should put all of your Elasticsearch nodes.

Did you have security enabled before?

Please share your log with the error.

Also, while you can use this filter in Elasticsearch, it would be better to use a firewall service to allow or deny the requests.

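A pre-start check for the settings discussed in this thread, added here as an example and not code from the posters or from Elastic. It assumes flat `key: value` settings; `parse_flat_yaml`, `as_list`, `check`, the host names and the node list are hypothetical. It goes slightly beyond the post by flagging two related points: transport filters cover only the transport port, so HTTP on 9200 needs `xpack.security.http.filter.*`, and a multi-node cluster with security enabled needs transport TLS.

```python
import re

def parse_flat_yaml(text):
    """Parse flat `key: value` settings (no nesting), enough for this check."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip()
    return settings

def as_list(value):
    """Turn `[ "a", "b" ]` or a bare scalar into a list of strings."""
    return re.findall(r"[^\[\],\"'\s]+", value)

def check(settings, cluster_nodes):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    enabled = settings.get("xpack.security.enabled", "")
    if enabled not in ("true", "false"):
        findings.append(f"xpack.security.enabled: {enabled!r} is not true/false")
    if enabled != "false" and settings.get("xpack.security.transport.ssl.enabled") != "true":
        findings.append("xpack.security.transport.ssl.enabled is not true")
    allow = set(as_list(settings.get("xpack.security.transport.filter.allow", "")))
    deny = as_list(settings.get("xpack.security.transport.filter.deny", ""))
    if "_all" in deny:
        # With deny _all, every node of the cluster must be on the allow list.
        missing = sorted(set(cluster_nodes) - allow)
        if missing:
            findings.append("nodes missing from transport allow list: " + ", ".join(missing))
    if "xpack.security.http.filter.deny" not in settings:
        findings.append("no xpack.security.http.filter.deny: port 9200 is not filtered")
    return findings

# Constructed sample: same three keys as the post, host names invented here.
SAMPLE = """
xpack.security.enabled: trye
xpack.security.transport.filter.allow: [ "master-1", "master-2", "data-1" ]
xpack.security.transport.filter.deny: _all
"""
NODES = ["master-1", "master-2", "master-3", "data-1"]  # assumed inventory

if __name__ == "__main__":
    for finding in check(parse_flat_yaml(SAMPLE), NODES):
        print("FINDING:", finding)
```

Run it against each node's file before restarting, since the same security settings have to be consistent across the cluster.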