I'd like to expose Kibana + Elasticsearch publicly, since it's an easy
exploration tool for the data I'm storing in es. From browsing
the web and the mailing list, it looks like such a setup--while
discouraged--can still be done by using a reverse proxy in front of the
HTTP server of es. For example, however http://demo.kibana.org is
The steps I'm planning to take are:
- Use nginx proxy_pass for public HTTP
- Disable PUT/DELETE methods
- Disable POST on all but the _search endpoint for my index.
- Disable dynamic script execution in queries.
Is there anything else I need to do to ensure users can't
the data or gain access to the machine through es?
(As an aside, does anybody have experience running elasticsearch on
with 256-512MB of ram? Any tips to reduce memory usage?)
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to email@example.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/121f467ed631f7d1d2e10ca149172a7f%40hakase.org.
For more options, visit https://groups.google.com/groups/opt_out.