On Tue, Mar 17, 2020 at 6:05 AM Jan Høydahl <jan....@cominvent.com> wrote:
> You can consider upgrading to Solr 8.5 which is to be released in a couple > of days, which makes it easy to whitelist IP addresses in solr.in.sh: > Thanks. That is good news, though it won't help me this time around. My application framework (Drupal) doesn't support Solr 8. I may try Solr 6 again, or take another stab at getting the Basic Authentication plugin to work in Solr 7. My Solr install isn't web-accessible, so the only threats would come from inside the network. > > # Allow IPv4/IPv6 localhost, the 192.168.0.x IPv4 network, and > 2000:123:4:5:: IPv6 network. > SOLR_IP_WHITELIST="127.0.0.1, [::1], 192.168.0.0/24, [2000:123:4:5::]/64" > > > https://lucene.apache.org/solr/guide/8_5/securing-solr.html#enable-ip-access-control > > But please please do not expose Solr, even if secured, to untrusted > networks and never to the public internet. > > Jan > > > 16. mar. 2020 kl. 16:46 skrev Ryan W <rya...@gmail.com>: > > > > On Mon, Mar 16, 2020 at 10:51 AM Susheel Kumar <susheel2...@gmail.com> > > wrote: > > > >> Basic auth should help you to start > >> > >> > https://lucene.apache.org/solr/guide/8_1/basic-authentication-plugin.html > > > > > > > > Thanks. I think I will give up on the plugin system. I haven't been > able > > to get the plugin system to work, and it creates too many opportunities > for > > human error. Even if I can get it working this week, what about 6 months > > from now or a year from now when something goes wrong and I have to debug > > it. It seems like far too much overhead to provide the desired security > > benefit, except perhaps in situations where an organization has Solr > > specialists who can maintain the system. > >
