Posted to issues@lucene.apache.org by GitBox <gi...@apache.org> on 2019/12/07 23:52:46 UTC

[GitHub] [lucene-solr] janhoy commented on issue #1058: SOLR-13972: Warn about insecure settings on startup

janhoy commented on issue #1058: SOLR-13972: Warn about insecure settings on startup
URL: https://github.com/apache/lucene-solr/pull/1058#issuecomment-562897261
 
 
   Well, if you just download and run Solr without specifying `SOLR_HOST` (or `-Dhost=x`) then earlier it would bind to ALL interfaces and you'd be able to connect to Solr from a 192.x.x.x or 10.x.x.x network or even from a public IP. With [SOLR-13985](https://issues.apache.org/jira/browse/SOLR-13985), Solr will by default bind to 127.0.0.1, and only if you install, say, a proxy software like Nginx on the Solr host would you be able to connect from the outside.
   
   If we remove the noise from logs in localhost (dev) mode, it would give a more welcoming first-use experience and we could allow ourselves to be even more aggressive when *not* in localhost-mode. We could flood the AdminUI with warnings, we could fail to start Solr at all if no security is configured, with the need for a `-Di.am.a.fool.to.run.solr.without.security=true` option to override. That would trigger some healthy discussions in various IT depts :)
