1、前言
es沒有用戶名密碼設(shè)置帖旨,所以只要有人知道目標(biāo)地址和端口就能訪問它箕昭,能對(duì)它進(jìn)行CURD,需對(duì)它進(jìn)行一定的安全設(shè)置
2、設(shè)置防止調(diào)用后臺(tái)命令
script.groovy.sandbox.enabled: false
http.basic.enabled: true
http.basic.user: "xxxx"
http.basic.password: "xxx"
http.basic.ipwhitelist: ["localhost", "127.0.0.1"]
http.basic.trusted_proxy_chains: []
http.basic.log: false
http.basic.xforward: "X-Forwarded-For"
用于設(shè)置外部用戶名密碼解阅,白名單 (一個(gè)插件) 參考:http://www.open-open.com/lib/view/open1432867880879.html
3落竹、添加用戶和密碼
如果要進(jìn)行http操作,那么在命令上需加上用戶名和密碼
curl --user user:password http://xxxx:xxxx/_snapshot/_all