Setting up nginx to proxy to Elasticsearch with HTTP auth on top is fairly trivi... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jrgnsd on May 15, 2016 | parent | context | favorite | on: How I found a data leak of a company during a coll...

Setting up nginx to proxy to Elasticsearch with HTTP auth on top is fairly trivial. There's a couple of good articles on the web if you google for it. Also, should you have an Elasticsearch support contract, you get access to the Shield plugin which has extensive access control.

But yes, the fact that it is open OOTB is frustrating.

pyre on May 18, 2016 [–]

This is exactly what I do, but the fact that it's wide open and relies on you to use a different (and de-coupled) service for permissions was surprising to me (at the time).

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact