[jira] [Commented] (SOLR-14014) Allow Solr to start with Admin UI disabled

Wed, 01 Apr 2020 18:17:39 -0700 


    [ 
https://issues.apache.org/jira/browse/SOLR-14014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17073285#comment-17073285
 ] 

Marcus Eagan commented on SOLR-14014:
-------------------------------------

I am a regular user of Solr and I love many of the features in the UI when I 
need them. Would like to remove the footprint in production for some uses.

> Allow Solr to start with Admin UI disabled
> ------------------------------------------
>
>                 Key: SOLR-14014
>                 URL: https://issues.apache.org/jira/browse/SOLR-14014
>             Project: Solr
>          Issue Type: Improvement
>          Components: Admin UI, security
>    Affects Versions: master (9.0), 8.3.1
>            Reporter: Jason Gerlowski
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Currently Solr always runs the Admin UI. With the history of XSS issues and 
> other security concerns that have been found in the Admin UI, Solr should 
> offer a mode where the Admin UI is disabled. Maybe, and this is a topic 
> that'll need some serious discussion, this should even be the default when 
> Solr starts.
> NOTE: Disabling the Admin UI removes XSS and other attack vectors. But even 
> with the Admin UI disabled, Solr will still be inherently unsafe without 
> firewall protection on a public network.
> *Proposed design:*
> A java system property called *headless* will be used as an internal flag for 
> starting Solr in headless mode. This property will default to true. A java 
> property can be used at startup to set this flag to false.
> Here is an example:
> {code:java}
>  bin/solr start -Dheadless=false {code}
> A message will be added following startup describing the mode.
> In headless mode the following message will be displayed:
> "solr is running in headless mode. The admin console is unavailable. To to 
> turn off headless mode and allow the admin console use the following 
> parameter startup parameter:
> -Dheadless=false 
>   
> In non-headless mode the following message will be displayed:
> "solr is running with headless mode turned off. The admin console is 
> available in this mode. Disabling the Admin UI removes XSS and other attack 
> vectors"  
> If a user attempts to access the admin console while Solr is in headless mode 
> it Solr will return 401 unauthorized.
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to