Secure cURL connections and HTTP connections

louisdeveloper · November 23, 2019, 2:03am

I currently use ElasticSearch 6. * installed on my server.
In it I make cURL connections and access via HTTP directly, without having to enter username and password, just sending the request with HTTP to create and search documents.

For security I restricted the IPs that can access this server.

How do I make these connections require HTTP Basic Authentication, always having to pass a username and password?

I checked the X-Pack, but as I understand it, this type of feature requires a payment to use it. Am I correct or is there another alternative to enable this basic authentication?

stephenb · November 23, 2019, 2:15am

Actually Basic authentication is part of the Basic (Free) feature set. See here

As long as you downloaded the default distribution from Elastic Basic security is included.

Here is a Blog on the topic.

louisdeveloper · November 23, 2019, 2:49am

Thank you for the informations.

In this case I should just run this command on my server, correct?

bin/elasticsearch-setup-passwords interactive -u "http://localhost:9201"

Rudd5TT · November 23, 2019, 5:44am

Thank you for reaching out,
this information will surely help me!!!

Topic		Replies	Views
Elasticsearch-http-basic with ES 1.4.2 Elasticsearch	1	1483	July 6, 2017
Need help to setup basic HTTP authentication Elasticsearch	9	2663	July 6, 2017
Didn't see an official feature request for HTTPS/basic authetication Elasticsearch	4	352	July 6, 2017
Elasticsearch Plugin Basic Authentication HTTPS Endpoint Elasticsearch elastic-stack-security	1	361	August 27, 2021
Authentication Clarification for Elasticsearch 6+ Elasticsearch	7	1856	April 14, 2018

Secure cURL connections and HTTP connections

Related topics