Notes on elasticsearch Security Settings
In versions earlier than elasticsearch1.4.3, apart from MVEL security vulnerabilities, there are also Groovy vulnerabilities. For details, refer to: Click to open the link. Here we will talk about an important configuration that you should pay attention to when using elasticsearch1.4.3:
As a distributed server, it is generally deployed on the Intranet and provided to applications as a service. The default IP address bound to elasticsearch is 0.0.0.0. That is to say, if this host has several NICs, elasticsearch can use these IP addresses to use its services. Therefore, if your server has a NIC bound to the Internet, you must set the elasticsearch attribute: network. the host is an intranet IP address. Of course, you can also use the network. publish_host and network. bind_host is set separately. For details about the meanings of the two parameters, refer to the online documents for details. Otherwise, you can use the CURL command to operate the index data on our Indexing Server. You can also add or delete indexes at will, which is terrible ~