From 436d3e2c78a8bff54f65ca1b07e71f5cc50e355a Mon Sep 17 00:00:00 2001 From: Temoc Rodriguez Date: Mon, 11 Dec 2017 15:24:23 -0800 Subject: Add ELK Security Add security to ELk such that only localhost is able to access ELK. All other hosts will be denied service. This fixes the open elastic serach security vulnerability. Issue-ID: POLICY-495 Change-Id: I7f5d6fef5963f984c2bce6933c8b214c0bd3be2b Signed-off-by: Temoc Rodriguez --- packages/base/src/files/install/elk/config/elasticsearch.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'packages/base') diff --git a/packages/base/src/files/install/elk/config/elasticsearch.yml b/packages/base/src/files/install/elk/config/elasticsearch.yml index b890bb13b..ec6def080 100644 --- a/packages/base/src/files/install/elk/config/elasticsearch.yml +++ b/packages/base/src/files/install/elk/config/elasticsearch.yml @@ -54,8 +54,8 @@ path.logs: ${{POLICY_HOME}}/logs # # Set the bind address to a specific IP (IPv4 or IPv6): # -#network.host: 192.168.0.1 -network.host: ["${{ELK_NETWORK_HOST}}", "127.0.0.1"] +# Only allow to run on localhost so it can't be queried from outside +network.bind_host: ["_local_"] # # Set a custom port for HTTP: # @@ -88,4 +88,4 @@ network.host: ["${{ELK_NETWORK_HOST}}", "127.0.0.1"] # # Require explicit names when deleting indices: # -#action.destructive_requires_name: true \ No newline at end of file +#action.destructive_requires_name: true -- cgit 1.2.3-korg