0

Securing Solr installation

0 Flares Filament.io 0 Flares ×

You can protect your Solr installation in just few minutes.

    1.  Never install Solr in your web server working directories i-e: under your webroot
    2. Make Solr listen only on localhost

      vi bin/solr.in.sh
      SOLR_OPTS="$SOLR_OPTS -Djetty.host=127.0.0.1"
    3. Put localhost8983 as Solr server address in your application configuration, don’t use external / public address
    4. If you want to run SELECT queries from client’s browser (AJAX calls etc) then put a reverse proxy on front of your instance and protect remaining areas of Solr console (admin, update etc). Below is an example of Nginx host.


location ~* /solr/\w+/select {
proxy_pass http://127.0.0.1:8983;
}
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd;
proxy_pass http://127.0.0.1:8983;
}

By above nginx will only allow SELECT queries and will ask authentication on rest.

0 Flares Twitter 0 Facebook 0 LinkedIn 0 Google+ 0 Filament.io 0 Flares ×

Leave a Reply

Your email address will not be published. Required fields are marked *