0

I have elasticsearch instance running in my linux server on xxx.xxx.1.75: 9201.

I have installed and configured NGINX on another server xxx.xx.1.89 and set the proxy for the elasticsearch to be running on port 5001i.e., it is able to access from xxx.xxx.1.89:5001.

But when I try to access the elasticsearch using port xxx.xxx.1.75:9201 it is running good, which I don't want to happen.

I want to restrict the access of elasticsearch cluster only through NGINX reverse proxy server i.e., xxx.xx.1.89:5001 but not directly from xxx.xx.1.75:9201.

Please help me to solve this.

thanks.

zt1983811
  • 1,011
  • 3
  • 14
  • 34
navya
  • 11
  • 1

1 Answers1

0

Easy way is to use firewall to restric access to ES (depend on system you use).

If both your servers have internal network connection, which is not visible outside, you may run ES on that, internal interface only.

Zada Zorg
  • 2,778
  • 1
  • 21
  • 25
  • Is there any way to change elasticsearch.yml file instead of iptables so that we can achieve above requirement. – navya Jun 30 '17 at 11:50
  • I want to make my elasticsearch listen on localhost and the nginx proxy server which is on xxx.xx.1.89 by using elasticsearch.yml file. Help me with this. – navya Jul 01 '17 at 08:23
  • Using elasticsearch.yml file you can only configure what interface to bind. Best way to archive your goal is to use firewall. Invest time in this tool as this is useful for administration a lot. Another workaround can be running elastic on 0.0.0.0 and then creating SSH tunnel for Nginx. But this is ugly solution. Use firewall! – Zada Zorg Jul 04 '17 at 17:12