Re: [dspace-tech] Securing Solr from public on Tomcat 8

2019-04-03 Thread Alan Orth 
Dear Jaware,

You would want to add a requirement that requests to the solr application
come from localhost aka 127.0.0.1. Add something like this to your
VirtualHost in Apache HTTPD:



  Require ip 127.0.0.0/8

...


Regards,

On Tue, Mar 26, 2019 at 9:59 AM Paul Münch 
wrote:

> Hello Jaware,
>
> it is possible to allow or deny access to specific paths via webserver
> configuration:
>
> https://httpd.apache.org/docs/2.4/howto/access.html
>
> If you use an older version, there are these features, too. But the syntax
> is slightly different.
>
> I hope this helps and kind regards,
>
> Paul Münch
>
> Am 26.03.19 um 08:35 schrieb endmartech4afr...@gmail.com:
>
> Hi Everybody
>
> We were installing Dspace 6.3 over Ubuntu 18.04(LTS) using Apache-HTTPD
>
> How ever solr is exposed through our public ip  something like this ->
> https://0.0.0.0.0/solr
>
>
> I would appreciate if you have a mechanism to secure the solr
>
> Thanks, Jaware
>
> --
> All messages to this mailing list should adhere to the DuraSpace Code of
> Conduct: https://duraspace.org/about/policies/code-of-conduct/
> ---
> You received this message because you are subscribed to the Google Groups
> "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to dspace-tech+unsubscr...@googlegroups.com.
> To post to this group, send email to dspace-tech@googlegroups.com.
> Visit this group at https://groups.google.com/group/dspace-tech.
> For more options, visit https://groups.google.com/d/optout.
>
>
> --
> Philipps-Universität Marburg | UB
> Digitale Dienste | Deutschhausstraße 9 | D018
> Tel. +49 06421 28-24624
> --
>
> --
> All messages to this mailing list should adhere to the DuraSpace Code of
> Conduct: https://duraspace.org/about/policies/code-of-conduct/
> ---
> You received this message because you are subscribed to the Google Groups
> "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to dspace-tech+unsubscr...@googlegroups.com.
> To post to this group, send email to dspace-tech@googlegroups.com.
> Visit this group at https://groups.google.com/group/dspace-tech.
> For more options, visit https://groups.google.com/d/optout.
>


-- 
Alan Orth
alan.o...@gmail.com
https://picturingjordan.com
https://englishbulgaria.net
https://mjanja.ch
"In heaven all the interesting people are missing." ―Friedrich Nietzsche

-- 
All messages to this mailing list should adhere to the DuraSpace Code of 
Conduct: https://duraspace.org/about/policies/code-of-conduct/
--- 
You received this message because you are subscribed to the Google Groups 
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to dspace-tech+unsubscr...@googlegroups.com.
To post to this group, send email to dspace-tech@googlegroups.com.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.

Re: [dspace-tech] Securing Solr from public on Tomcat 8

2019-03-26 Thread Paul Münch 
Hello Jaware,

it is possible to allow or deny access to specific paths via webserver
configuration:

https://httpd.apache.org/docs/2.4/howto/access.html

If you use an older version, there are these features, too. But the
syntax is slightly different.

I hope this helps and kind regards,

Paul Münch

Am 26.03.19 um 08:35 schrieb endmartech4afr...@gmail.com:
> Hi Everybody
>
> We were installing Dspace 6.3 over Ubuntu 18.04(LTS) using Apache-HTTPD
>
> How ever solr is exposed through our public ip  something like this ->
> https://0.0.0.0.0/solr
>
>
> I would appreciate if you have a mechanism to secure the solr
>
> Thanks, Jaware
>  
> -- 
> All messages to this mailing list should adhere to the DuraSpace Code
> of Conduct: https://duraspace.org/about/policies/code-of-conduct/
> ---
> You received this message because you are subscribed to the Google
> Groups "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to dspace-tech+unsubscr...@googlegroups.com
> .
> To post to this group, send email to dspace-tech@googlegroups.com
> .
> Visit this group at https://groups.google.com/group/dspace-tech.
> For more options, visit https://groups.google.com/d/optout.

-- 
Philipps-Universität Marburg | UB 
Digitale Dienste | Deutschhausstraße 9 | D018
Tel. +49 06421 28-24624  
--

-- 
All messages to this mailing list should adhere to the DuraSpace Code of 
Conduct: https://duraspace.org/about/policies/code-of-conduct/
--- 
You received this message because you are subscribed to the Google Groups 
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to dspace-tech+unsubscr...@googlegroups.com.
To post to this group, send email to dspace-tech@googlegroups.com.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

[dspace-tech] Securing Solr from public on Tomcat 8

2019-03-26 Thread endmartech4africa 
Hi Everybody

We were installing Dspace 6.3 over Ubuntu 18.04(LTS) using Apache-HTTPD

How ever solr is exposed through our public ip  something like this -> 
https://0.0.0.0.0/solr


I would appreciate if you have a mechanism to secure the solr

Thanks, Jaware
 

-- 
All messages to this mailing list should adhere to the DuraSpace Code of 
Conduct: https://duraspace.org/about/policies/code-of-conduct/
--- 
You received this message because you are subscribed to the Google Groups 
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to dspace-tech+unsubscr...@googlegroups.com.
To post to this group, send email to dspace-tech@googlegroups.com.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.