What if we just expose '/select' paths - by firewalls and load balancers - and also use SSL and HTTP basic or digest access control?
On Tue, Nov 1, 2011 at 2:20 PM, Chris Hostetter <hossman_luc...@fucit.org>wrote: > > : I was wondering if it's a good idea to expose Solr to the outside world, > : so that our clients running on smart phones will be able to use Solr. > > As a general rule of thumb, i would say that it is not a good idea to > expose solr directly to the public internet. > > there are exceptions to this rule -- AOL hosted some live solr instances > of the Sarah Palin emails for HufPo -- but it is definitely an expert > level type thing for people who are so familiar with solr they know > exactly what to lock down to make it "safe" > > for typical users: put an application between your untrusted users and > solr and only let that application generate "safe" welformed requests to > Solr... > > https://wiki.apache.org/solr/SolrSecurity > > > -Hoss > -- Alireza Salimi Java EE Developer
