In this case create a VPN and then access it.
> Am 02.01.2019 um 11:03 schrieb s...@cid.is:
>
> First I want to thank you for your comments.
> Second I'll add some background information.
>
> Here Solr is part of a complex information management project, which I
> developed for a customer and which includes different source databases,
> containing edited/imported/crawled content.
> This project runs on a Debian root server, which is hosted by an ISP and
> maintained by the ISP's support team and - a little bit - by me.
> This setting was required by my customer.
>
> Solr searches are created and processed on this server from a PHP MySQL
> stack, and port 8983 is only available internally.
> I agree the opening port 8983 to the public is dangerous, I've experienced
> that.
> Nevertheless from time to time I need access to the Solr Admin GUI on that
> server.
>
> My ISP's support team is not familiar with Solr, but willing to help.
> So I'll forward your comments to them and discuss with them.
>
> Thank you again.
> Walter
>
>
> Shawn Heisey schrieb am 01.01.2019 20:00:13:
>
>> If you've blocked the Solr port, then you can't access Solr at all,
>> including the admin UI. The UI is accessed through the same port as the
>> rest of Solr.
>>
>> The admin UI is a static set of resources (html, css, javascript, images,
>> etc) that gets downloaded and runs within the browser, accessing the same
>> API that anything else would. When you issue a query with the admin UI, it
>> is your browser that makes the query, not the server.
>>
>> If you set up a reverse proxy that blocks URL paths for the API while
>> allowing URL paths for the admin UI, then the admin UI won't work -- because
>> everything the admin UI displays or does is accomplished by your browser
>> making calls to the API.
>>
>> Thanks,
>> Shawn
>
>
> Terry Steichen schrieb am 01.01.2019 19:39:04:
>
>> I think a better approach to tunneling would be:
>>
>> ssh -p -L :localhost:8983 use...@myremoteserver.example.com
>>
>> This requires you to set up a different port () rather than use the
>> standard 22 port (on your router and on your sshd config). I've been
>> running something like this for about a year and have rarely if ever had
>> it attacked. Prior to changing the port (to ), however, I was under
>> constant hacking attacks - they find port 22 too attractive to ignore.
>>
>> Also, regarding my use of port : if you have the server running on
>> several local machines (as I do), the use of the port may help
>> prevent confusion (as to whether your browser is accessing a local -
>> defaulted to 8983 - or a remote solr server).
>>
>> Note: you might find that the ssh connection will drop out after some
>> inactivity, and need to be restarted occasionally. Pretty simple to do
>> - just run the ssh line above again.
>>
>> Note: I also add authorization controls to the AdminUI (and its functions)
>
>
> Jörn Franke schrieb am 01.01.2019 19:11:18:
>
>> You could configure a reverse proxy to provide one or more means of
>> authentication.
>>
>> However, I agree that the purpose why this is done should be clarified.
>
>
> Kay Wrobel schrieb am 01.01.2019 19:02:10:
>
>> You can use ssh to tunnel in.
>>
>> ssh -L8983:localhost:8983 use...@myremoteserver.example.com
>>
>> This will only require port 22 to be exposed to the public.
>>
>>
>> Sent from my iPhone
>
>
> Walter Underwood schrieb am 01.01.2019 19:00:31:
>
>> Yes, exposing the admin UI on the web is very dangerous. Anyone who finds it
>> can delete all your collections. That UI is designed for “back office” use
>> only.
>>
>> wunder
>> Walter Underwood
>> wun...@wunderwood.org
>> http://observer.wunderwood.org/ (my blog)
>
>
> Gus Heck schrieb am 01.01.2019 18:43:02:
>
>> Why would you want to expose the administration gui on the web? This is a
>> very hazardous thing to do. Never mind that it normally also runs on 8983
>> and all it's functionality relies on the ability to interact with 8983
>> hosted api end points.
>>
>> What are you actually trying to solve?
>
>
> Jörn Franke schrieb am 31.12.2018 23:07:49:
>
>> Reverse proxy?
>
>
> "aleksander_goncha...@yahoo.de" schrieb am
> 31.12.2018 23:22:59:
>
>> Hi Walter,
>>
>> hatte ähnlichen Fall. Der wurde mit Proxy gelöst. "Einfach" Ngnix dazwischen
>> geschaltet.
>>
>> Viele Grüße
>> Alexander
>
> s...@cid.is schrieb am 31.12.2018 22:48:55:
>
>> Hi all,
>>
>> is there a way, better a solution, to access the Solr Admin GUI from
>> outside the server (via public web) while the Solr port 8983 is closed by a
>> firewall and only available inside the server via localhost?
>>
>> Thanks in advance
>> Walter Claassen
>>
>> Alexandraweg 32
>> D 64287 Darmstadt
>> Fon +49-6151-4937961
>> Fax +49-6151-4937969
>> c...@cid.is
>