: on a given port, say :8983. I have my firewall (iptables) set up so : that the outside world cannot connect to :8983. However, my httpd : server, running on port 80, can connect to solr because they are : running on the same box. Therefore all access to solr is mediated : through whatever applications I choose to run through httpd. This is : the same approach we've always used for mySQL, and it has served us
Bingo. This is definitely what i recommend. (and i love the analogy of MySQL, Solr is designed to be a "service" your applications use, communication protocol justh appens to be HTTP) If you want to expose the raw Solr responses to the outside world, then use something like mod_proxy on your webserver with configuration in place to limit what kinds of requests the outside world can make on your Solr server. -Hoss
