How can I disable an Open ElasticSearch Server?

What is an 'Open ElasticSearch Server'?
Your ElasticSearch instance is currently not secure and allows anyone on the internet to access and possibly fully control it.

This could be especially problematic if this instance has dynamic scripting enabled. The scripting engine can be abused to launch a denial of service attack.

Recommended action
You should configure your firewall to only allow connections from trusted sources. Usually the elasticsearch service runs on port 9200/tcp.

To check if it's actually closed you can use the following tool called 'nmap'.

sudo nmap -sS -p 9200 <ip address here>

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.