Gunther, Andrew wrote:
What are people doing to restrict UpdateServlet access on production installs of Solr. Are people removing that option and rotating in a new index or restricting access from the jetty side.
I'm putting Solr on my DMZ without direct WAN access. If I had to put it on a WAN facing server, I'd hide it behind Apache and access it using mod_rewrite and use the [P] proxy directive. Using mod_rewrite, by ignoring the /foo/update URI then you have no external access to that.
Jed
