On Oct 22, 2013, at 19:29 , Shawn Heisey <s...@elyograg.org> wrote: > On 10/22/2013 8:09 AM, Raheel Hasan wrote: >> This sounds like trouble. >> >> I have used Solr in my script (php) such that I curl it for query (using >> "solr/automata/select?q="). If I make it completely off-public, how will my >> own site access it? >> >> Is there any parameter to prevent access by "REMOTE_ADDR"? > > The basic design intent with Solr is this: > > 1) A set of servers that handle your website or other applicationthat uses > Solr. > 2) A set of servers that handle Solr. > 3) A firewall that allows only relevant traffic from the end users (or the > internet) to reach the webservers on appropriate ports. Only trusted > administrators can reach the Solr servers. If the websites and Solr are not > on the same network, the firewalling should allow the website servers to talk > freely to Solr on Solr's port. > > This means that you can't have purely javascript-driven search boxes, unless > the javascript sends the search request to code on the webserver which cleans > it ip and constructs a Solr query from it. > > Side issue: There are PHP packages for talking to Solr in an object-oriented > way, rather than using crafting the URLs yourself and using curl. Here's > some examples: > > http://pecl.php.net/package/solr > http://www.solarium-project.org/ > > I don't write PHP code myself, but it is usually a lot easier to deal with a > Solr API than making URLs yourself and parsing the responses. > > Thanks, > Shawn >
I have numerous search applications that only involve SOLR, jQuery, Apache... and two additional server processes, one of which does query validation, adds filtering and does an XSL transform of the search results, while the other does a number of application-specific support tasks. No SOLR API, except for HTTP. The most recent search interface I did uses "solrstrap" to do most of the UI work. In summary: No problem making a search interface that runs as a single web page.
