Securing Solr
No Solr API, including the Admin UI, is designed to be exposed to non-trusted parties. Tune your firewall so that only trusted computers and people are allowed access. Because of this, the project will not regard e.g., Admin UI XSS issues as security vulnerabilities. However, we still ask you to report such issues in JIRA. |
When planning how to secure Solr, you should consider which of the available features or approaches are right for you:
Encryption with TLS (SSL) Certificates
Ecrypting traffic to/from Solr and between Solr nodes prevents sensitive data to be leaked out on the network. TLS is also normally a requirement to prevent credential sniffing when using Authentication.
See the page Enabling TLS (SSL) for details.
Authentication, Authorization and Audit Logging
See chapter Configuring Authentication, Authorization and Audit Logging plugins to learn how to work with the security.json
file.
Authentication Plugins
Authentication makes sure you know the identity of your users. The authentication plugins shipping with Solr are:
Authorization Plugins
Authorization makes sure that only users with the necessary roles/permissions can access any given resource. The authorization plugins shipping with Solr are:
Audit Logging Plugins
Audit logging will record an audit trail of incoming reqests to your cluster, such as users being denied access to admin APIs. Learn more about audit logging and how to implement an audit logger plugin here in the Audit Logging chapter.
Request Logging
Solr can optionally log every incoming HTTP(s) request in the standard NCSA format
. You can enable request logging by setting SOLR_REQUESTLOG_ENABLED=true
via environment variable or in solr.in.sh
/solr.in.cmd
.
Enable IP Access Control
Restrict network access to specific hosts, by setting SOLR_IP_WHITELIST
/SOLR_IP_BLACKLIST
via environment variables or in solr.in.sh
/solr.in.cmd
.
# Allow IPv4/IPv6 localhost, the 192.168.0.x IPv4 network, and 2000:123:4:5:: IPv6 network.
SOLR_IP_WHITELIST="127.0.0.1, [::1], 192.168.0.0/24, [2000:123:4:5::]/64"
# Explicitly deny access to two problematic hosts.
SOLR_IP_BLACKLIST="192.168.0.3, 192.168.0.4"
Securing ZooKeeper Traffic
ZooKeeper is a central and important part of a SolrCloud cluster and understanding how to secure its content is covered in the ZooKeeper Access Control page.
Enable Security Manager
Solr can run in a Java Security Manager sandbox by setting SOLR_SECURITY_MANAGER_ENABLED=true
via environment variable or in solr.in.sh
/solr.in.cmd
. This feature is incompatible with Hadoop.