Security: prevent malicious post indexing #10

Closed
AaronHolbrook opened this issue Jun 10, 2014 · 6 comments

Comments

@AaronHolbrook
Contributor

Via server side - but still an important thing to figure out is how we're limiting and controlling access to the Elasticsearch server. Currently we are proxy pass limiting access to POST - this does not prevent users from maliciously indexing data.

@tlovett1
Member

This looks pretty interesting. We could add optional support for this plugin: https://github.com/sonian/elasticsearch-jetty

@AaronHolbrook
Contributor Author

I believe this is more of an educational and documentational thing, as this will require stricter configuration of the nginx directives on the server.

Leaving open for now until I write the documentation surrounding this.

Open to thoughts or suggestions on how to better improve security surrounding this @tlovett1 @TheLastCicada @zamoose.

@AaronHolbrook
Contributor Author

@AaronHolbrook AaronHolbrook modified the milestones: Someday, Version 1.0 Sep 24, 2014
@AaronHolbrook
Contributor Author

Run through internal script in plugin before sending on to ES.

@AaronHolbrook
Contributor Author

Good news on this front, after a fantastic post by the Elasticsearch team (post here) where they discuss good ways to incorporate NGINX usage into the HTTP stack with Elasticsearch, @TheLastCicada and I were able to come up with a directive that should help lock down any usage that is using a specific API endpoint (i.e. _suggest or _search).

```nginx
# Elasticsearch endpoint
location /es-search {

  # only allow things to hit the _suggest API
  # change `_suggest` in the pattern to whatever endpoint you'd like to restrict usage to
  location ~* (.*)_suggest$ {

    # only allow POST requests
    limit_except POST {
      deny all;
    }

    # Perform our request: strip the /es-search prefix and proxy to Elasticsearch
    rewrite ^/es-search(.*) $1 break;
    proxy_set_header Host $host;
    proxy_pass http://192.168.50.4:9200;
  }

  # anything under /es-search that did not match the endpoint above is refused
  return 403;
}
```
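A small model of the directive above, added here as an example (not code from the issue or the plugin): it replays constructed requests against the earlier POST-only rule and against the endpoint-locked rule to show which ones would still be proxied to Elasticsearch. The function names and the sample index and document names are assumptions, and paths are assumed to be already normalized, as nginx does before location matching.

```python
import re
from urllib.parse import urlsplit

PREFIX = "/es-search"                           # outer `location /es-search`
ENDPOINT = re.compile(r"(.*)_suggest$", re.I)   # inner `location ~* (.*)_suggest$`

def post_only(method, target):
    """Earlier setup described in the issue: the proxy checks the method only."""
    return method == "POST"

def endpoint_locked(method, target):
    """Model of the nested-location directive: True means the request is proxied."""
    path = urlsplit(target).path      # locations match the path, not the query string
    if not path.startswith(PREFIX):
        return False                  # assumption: no other location proxies to ES
    if not ENDPOINT.search(path):
        return False                  # falls through to the outer `return 403;`
    return method == "POST"           # `limit_except POST { deny all; }`

# Constructed sample requests (index and document names are made up).
SAMPLES = [
    ("POST", "/es-search/posts/_suggest"),
    ("POST", "/es-search/posts/_suggest?pretty"),
    ("GET", "/es-search/posts/_suggest"),
    ("POST", "/es-search/posts/post/1"),        # writes a document
    ("POST", "/es-search/_bulk"),               # writes many documents
    ("DELETE", "/es-search/posts"),
    ("POST", "/es-search/posts/_search"),
]

def compare(samples=SAMPLES):
    """Return (method, target, allowed_before, allowed_after) for each sample."""
    return [(m, t, post_only(m, t), endpoint_locked(m, t)) for m, t in samples]

if __name__ == "__main__":
    for m, t, before, after in compare():
        print(f"{m:6} {t:34} post-only={before!s:5} endpoint-locked={after}")
```

The write requests pass the POST-only rule but are refused once the location is restricted to `_suggest`; `_search` is refused too unless the pattern is widened to include it.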

@tlovett1
Member

Awesome article. You could even use Basic HTTP Auth to lock down that endpoint even further.
