Re: Security Suggestion In Elasticsearch

2015-04-02 Thread Mark Walkom 
You don't need to use both, no. I've heard of people using
elasticsearch-jetty successfully, but it appears to have been unmaintained
for a while now.

And yes, Shield is a commercial plugin, you can try it free for 30 days
though.

On 2 April 2015 at 16:09, Shohedul Hasan  wrote:

> Do i have to use both of iptable and nginx.  Another thing what is about
> elasticsearch-jetty, will it be better than nginx?  I didn't know that
> shield is not free.
>
> On Tuesday, March 31, 2015 at 1:43:25 PM UTC+6, Mark Walkom wrote:
>>
>> Shield would be the best.
>> But you can also use iptables and nginx to secure and proxy things.
>>
>> On 31 March 2015 at 17:45, Shohedul Hasan  wrote:
>>
>>> Hi,
>>> I am trying to deploy my ES server in Digital ocean. But Digital ocean
>>>  had some hacker attack as i didn't add any security to ES, So they blocked
>>> my droplet and gave me warning. So i tried to find out how can i secure my
>>> ES server. I have found out that Shield , using proxy or some other ways
>>> can be  solution. But i am confused.  What is the best option (to secure
>>> ES) i have right now.
>>>
>>> 1) I have one ES server (i may add more in future)
>>> 2) One server that run the java code. From this server i do all ES
>>> operation.
>>> 3) There are some more servers like postgresql, gearman but i think
>>> these are not relevant here.
>>>
>>> Thanks in advance.
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "elasticsearch" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to elasticsearc...@googlegroups.com.
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%
>>> 40googlegroups.com
>>> 
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/4f8191d4-750e-4574-b3fb-f6375b3f4b19%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-QmpZagpGE-jJuiwXJM0KWVY6vBBHuZe5rCvb5zMZsAQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Security Suggestion In Elasticsearch

2015-04-01 Thread Shohedul Hasan 
Do i have to use both of iptable and nginx.  Another thing what is about 
elasticsearch-jetty, will it be better than nginx?  I didn't know that 
shield is not free. 

On Tuesday, March 31, 2015 at 1:43:25 PM UTC+6, Mark Walkom wrote:
>
> Shield would be the best.
> But you can also use iptables and nginx to secure and proxy things.
>
> On 31 March 2015 at 17:45, Shohedul Hasan  > wrote:
>
>> Hi, 
>> I am trying to deploy my ES server in Digital ocean. But Digital ocean 
>>  had some hacker attack as i didn't add any security to ES, So they blocked 
>> my droplet and gave me warning. So i tried to find out how can i secure my 
>> ES server. I have found out that Shield , using proxy or some other ways 
>> can be  solution. But i am confused.  What is the best option (to secure 
>> ES) i have right now. 
>>
>> 1) I have one ES server (i may add more in future)
>> 2) One server that run the java code. From this server i do all ES 
>> operation.
>> 3) There are some more servers like postgresql, gearman but i think these 
>> are not relevant here.
>>
>> Thanks in advance.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "elasticsearch" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to elasticsearc...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/4f8191d4-750e-4574-b3fb-f6375b3f4b19%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Security Suggestion In Elasticsearch

2015-03-31 Thread Mark Walkom 
Shield would be the best.
But you can also use iptables and nginx to secure and proxy things.

On 31 March 2015 at 17:45, Shohedul Hasan  wrote:

> Hi,
> I am trying to deploy my ES server in Digital ocean. But Digital ocean
>  had some hacker attack as i didn't add any security to ES, So they blocked
> my droplet and gave me warning. So i tried to find out how can i secure my
> ES server. I have found out that Shield , using proxy or some other ways
> can be  solution. But i am confused.  What is the best option (to secure
> ES) i have right now.
>
> 1) I have one ES server (i may add more in future)
> 2) One server that run the java code. From this server i do all ES
> operation.
> 3) There are some more servers like postgresql, gearman but i think these
> are not relevant here.
>
> Thanks in advance.
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-Z6qH%2Bmh9Z7GB2UMChB6bwBrt-6tU_uVJWRGCy9c_gQg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Security Suggestion In Elasticsearch

2015-03-31 Thread joergpra...@gmail.com 
The rule is not new. Do not expose Elasticsearch to the public internet,
just like Postgresql and Gearman.

Jörg

On Tue, Mar 31, 2015 at 8:45 AM, Shohedul Hasan 
wrote:

> Hi,
> I am trying to deploy my ES server in Digital ocean. But Digital ocean
>  had some hacker attack as i didn't add any security to ES, So they blocked
> my droplet and gave me warning. So i tried to find out how can i secure my
> ES server. I have found out that Shield , using proxy or some other ways
> can be  solution. But i am confused.  What is the best option (to secure
> ES) i have right now.
>
> 1) I have one ES server (i may add more in future)
> 2) One server that run the java code. From this server i do all ES
> operation.
> 3) There are some more servers like postgresql, gearman but i think these
> are not relevant here.
>
> Thanks in advance.
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAKdsXoFZZbQ9x6MkdUC-TkCUHpfSh3Sieh1Rk_PE9YuwwSQvuw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Security Suggestion In Elasticsearch

2015-03-30 Thread Shohedul Hasan 
Hi, 
I am trying to deploy my ES server in Digital ocean. But Digital ocean  had 
some hacker attack as i didn't add any security to ES, So they blocked my 
droplet and gave me warning. So i tried to find out how can i secure my ES 
server. I have found out that Shield , using proxy or some other ways can 
be  solution. But i am confused.  What is the best option (to secure ES) i 
have right now. 

1) I have one ES server (i may add more in future)
2) One server that run the java code. From this server i do all ES 
operation.
3) There are some more servers like postgresql, gearman but i think these 
are not relevant here.

Thanks in advance.

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.