Secure cURL connections and HTTP connections

I currently use ElasticSearch 6. * installed on my server.
In it I make cURL connections and access via HTTP directly, without having to enter username and password, just sending the request with HTTP to create and search documents.

For security I restricted the IPs that can access this server.

How do I make these connections require HTTP Basic Authentication, always having to pass a username and password?

I checked the X-Pack, but as I understand it, this type of feature requires a payment to use it. Am I correct or is there another alternative to enable this basic authentication?

Actually Basic authentication is part of the Basic (Free) feature set. See here

As long as you downloaded the default distribution from Elastic Basic security is included.

Here is a Blog on the topic.

Thank you for the informations.

In this case I should just run this command on my server, correct?

bin/elasticsearch-setup-passwords interactive -u "http://localhost:9201"

Thank you for reaching out,
this information will surely help me!!!

1 Like