Posted to solr-user@lucene.apache.org by Siddhartha Singh Sandhu <sa...@gmail.com> on 2015/10/04 05:17:41 UTC

RE: How to disable the admin interface

Hi,

I want to disable the admin interface in SOLR. I understand that
authentication is available in the solrcloud mode but until that happens I
want to disable the admin interface in my prod environment.

How can I do this?

Regards.

Sid.

Re: How to disable the admin interface

Posted by Ganesh <em...@yahoo.co.in>.
Hi

See if this article helps you. 
http://www.findbestopensource.com/article-detail/restrict-solr-admin-access

It has settings with regard to Tomcat.

Regards
Ganesh


On 10/6/2015 2:21 AM, Shawn Heisey wrote:
> On 10/4/2015 3:07 PM, Siddhartha Singh Sandhu wrote:
>> I am on page with you guys about the ssh authentication and communicating
>> with the APIs that SOLR has to provide. I simply don't want the GUI as it
>> is nobody will be able to access it once I set the policy on my server
>> except for servers in the same network. Also, now that we are on that
>> issue, do SOLR URLs have checks to guard against penetration attacks as
>> the "prod setup" guide is so openly available?
> If you use the startup scripts that come with the latest version of
> Solr, then all the network and HTTP protocol support is provided by
> Jetty 9.2.  The Jetty install is reasonably close to a standard
> out-of-the-box Jetty config, with unnecessary modules disabled or
> removed entirely.  If Jetty does the things you want to know about with
> the limited set of modules and config included in Solr, then Solr will
> do those things.  If the included Jetty doesn't do those things, then
> Solr will not do them either.
>
> If Solr is installed into a separate container, then all the network and
> HTTP protocol support is provided by software that receives no official
> testing, but may be capable of things that Solr doesn't do if you use
> the provided container.
>
> Solr is intended to be installed in a part of your network that already
> has access restricted to only authorized personnel.  It is generally not
> a good idea to expose ANY internal service to people who have no
> business accessing it.  Usually that means restricting access at the
> network level to servers that require access, all your employees, and
> trusted contractors, but if you are very paranoid, you might restrict it
> to only certain employees.
>
> The admin UI is a useful tool in the hands of those who are authorized
> to use it, but if you really want to remove it entirely, you can find
> the files that power it and delete those files.  You will need to delete
> them each time you upgrade Solr as well.  I have not verified this, but
> I think that if you delete admin.html, index.html, css, img, js, libs,
> partials, and tpl from server/solr-webapp/webapp, this would eliminate
> all the static content that powers the admin UI.  This is not likely to
> break anything in Solr itself, but it also won't prevent anyone from
> doing something malicious to Solr.
>
> Note that if you delete these files and directories on Solr 5.2.1 or
> earlier, the files may get re-extracted from the solr.war file, so you
> might want to also open the .war file (it's in ZIP format) and remove
> them there too.  Solr 5.3.x no longer *has* a .war file -- the webapp is
> installed as a directory instead.
>
> Removing the UI will not help with performance, and the files are only
> about four megabytes in size ... barely anything to worry about.
>
> Thanks,
> Shawn
>
>


Re: How to disable the admin interface

Posted by Shawn Heisey <ap...@elyograg.org>.
On 10/4/2015 3:07 PM, Siddhartha Singh Sandhu wrote:
> I am on page with you guys about the ssh authentication and communicating
> with the APIs that SOLR has to provide. I simply don't want the GUI as it
> is nobody will be able to access it once I set the policy on my server
> except for servers in the same network. Also, now that we are on that
> issue, do SOLR URLs have checks to guard against penetration attacks as
> the "prod setup" guide is so openly available?

If you use the startup scripts that come with the latest version of
Solr, then all the network and HTTP protocol support is provided by
Jetty 9.2.  The Jetty install is reasonably close to a standard
out-of-the-box Jetty config, with unnecessary modules disabled or
removed entirely.  If Jetty does the things you want to know about with
the limited set of modules and config included in Solr, then Solr will
do those things.  If the included Jetty doesn't do those things, then
Solr will not do them either.

If Solr is installed into a separate container, then all the network and
HTTP protocol support is provided by software that receives no official
testing, but may be capable of things that Solr doesn't do if you use
the provided container.

Solr is intended to be installed in a part of your network that already
has access restricted to only authorized personnel.  It is generally not
a good idea to expose ANY internal service to people who have no
business accessing it.  Usually that means restricting access at the
network level to servers that require access, all your employees, and
trusted contractors, but if you are very paranoid, you might restrict it
to only certain employees.

The admin UI is a useful tool in the hands of those who are authorized
to use it, but if you really want to remove it entirely, you can find
the files that power it and delete those files.  You will need to delete
them each time you upgrade Solr as well.  I have not verified this, but
I think that if you delete admin.html, index.html, css, img, js, libs,
partials, and tpl from server/solr-webapp/webapp, this would eliminate
all the static content that powers the admin UI.  This is not likely to
break anything in Solr itself, but it also won't prevent anyone from
doing something malicious to Solr.

Note that if you delete these files and directories on Solr 5.2.1 or
earlier, the files may get re-extracted from the solr.war file, so you
might want to also open the .war file (it's in ZIP format) and remove
them there too.  Solr 5.3.x no longer *has* a .war file -- the webapp is
installed as a directory instead.

Removing the UI will not help with performance, and the files are only
about four megabytes in size ... barely anything to worry about.

Thanks,
Shawn
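
Added example (not part of the original message, and not Solr project code): a re-runnable shell script for the removal Shawn describes above, for an extracted webapp directory such as server/solr-webapp/webapp. The entry list is the one from the message, which its author had not verified; the function names are assumptions made here, and as the thread says the Solr APIs stay reachable afterwards.

```shell
#!/bin/sh
# Added example: remove the admin UI static content named in the message above.
# The entry list comes from that message (unverified by its author).
# Function and variable names are hypothetical, chosen for this example.

# Entries under server/solr-webapp/webapp listed as admin UI static content.
ADMIN_UI_ENTRIES="admin.html index.html css img js libs partials tpl"

# strip_admin_ui WEBAPP_DIR [--dry-run]
# Prints one line per entry acted on. Returns 0 on success, 2 if WEBAPP_DIR
# does not look like an extracted Solr webapp.
strip_admin_ui() {
    webapp_dir=$1
    mode=${2:-}

    # WEB-INF holds Solr itself and must stay; if it is missing, the path is
    # wrong and nothing should be deleted.
    if [ ! -d "$webapp_dir/WEB-INF" ]; then
        echo "refusing: $webapp_dir has no WEB-INF directory" >&2
        return 2
    fi

    for entry in $ADMIN_UI_ENTRIES; do
        target="$webapp_dir/$entry"
        # Skip entries already gone, so the script can be re-run after each
        # upgrade without errors.
        if [ ! -e "$target" ] && [ ! -L "$target" ]; then
            continue
        fi
        if [ "$mode" = "--dry-run" ]; then
            echo "would remove $target"
        else
            rm -rf -- "$target"
            echo "removed $target"
        fi
    done
    return 0
}

# admin_ui_remaining WEBAPP_DIR
# Prints the listed entries that are still present (no output when clean).
# Useful as a post-upgrade check, or on 5.2.1 and earlier to notice that the
# files were re-extracted from solr.war.
admin_ui_remaining() {
    for entry in $ADMIN_UI_ENTRIES; do
        if [ -e "$1/$entry" ]; then
            echo "$entry"
        fi
    done
    return 0
}

# Run directly as: sh strip_admin_ui.sh /path/to/server/solr-webapp/webapp [--dry-run]
if [ "$#" -gt 0 ]; then
    strip_admin_ui "$@"
fi
```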


Re: How to disable the admin interface

Posted by Siddhartha Singh Sandhu <sa...@gmail.com>.
Just put my solr on a private subnet. Nobody can reach it unless I will it.

I am just a bit concerned whether the solr requesthandler checks against
pen test logic.

Thank you for the support everyone. Appreciate it.

On Mon, Oct 5, 2015 at 2:43 PM, Upayavira <uv...@odoko.co.uk> wrote:

> Well, there's a difference between disabling the UI and disabling the
> API. The UI can be disabled (I think) by deleting the contents of
> server/solr-webapp/webapp (leaving behind the WEB-INF directory). But
> really, all that is doing is hiding a heap of code that is public
> already.
>
> As has been said, it is the APIs that that UI (which is just
> HTML/CSS/JS) uses that really need to be protected. Without these, they
> don't really tell the user much (except, perhaps, if they really look
> and changes have been made to the UI, which version of Solr is in use).
>
> Personally, I'd rather the authentication framework be able to prevent
> access to the HTML/CSS/JS, as this is what users expect of a UI. Hiding
> the API is needed for security, hiding the UI is valuable in terms of
> user experience - e.g. what does a user see if the API is blocked?
> Probably a heap of nasty exceptions.
>
> Upayavira

Re: How to disable the admin interface

Posted by Upayavira <uv...@odoko.co.uk>.
Well, there's a difference between disabling the UI and disabling the
API. The UI can be disabled (I think) by deleting the contents of
server/solr-webapp/webapp (leaving behind the WEB-INF directory). But
really, all that is doing is hiding a heap of code that is public
already.

As has been said, it is the APIs that that UI (which is just
HTML/CSS/JS) uses that really need to be protected. Without these, they
don't really tell the user much (except, perhaps, if they really look
and changes have been made to the UI, which version of Solr is in use).

Personally, I'd rather the authentication framework be able to prevent
access to the HTML/CSS/JS, as this is what users expect of a UI. Hiding
the API is needed for security, hiding the UI is valuable in terms of
user experience - e.g. what does a user see if the API is blocked?
Probably a heap of nasty exceptions.

Upayavira

On Mon, Oct 5, 2015, at 07:38 PM, Walter Underwood wrote:
> You understand that disabling the admin API will leave you with an
> unmaintainable Solr installation, right? You might not even be able to
> diagnose the problem.
> 
> wunder
> Walter Underwood
> wunder@wunderwood.org
> http://observer.wunderwood.org/  (my blog)

Re: How to disable the admin interface

Posted by Walter Underwood <wu...@wunderwood.org>.
You understand that disabling the admin API will leave you with an unmaintainable Solr installation, right? You might not even be able to diagnose the problem.

wunder
Walter Underwood
wunder@wunderwood.org
http://observer.wunderwood.org/  (my blog)

> On Oct 5, 2015, at 11:34 AM, Siddhartha Singh Sandhu <sa...@gmail.com> wrote:
> 
> Help please?


Re: How to disable the admin interface

Posted by Siddhartha Singh Sandhu <sa...@gmail.com>.
Help please?

On Sun, Oct 4, 2015 at 5:07 PM, Siddhartha Singh Sandhu <
sandhusolr@gmail.com> wrote:

> Hi Shawn and Andrew,
>
> I am on page with you guys about the ssh authentication and communicating
> with the APIs that SOLR has to provide. I simply don't want the GUI as it
> is nobody will be able to access it once I set the policy on my server
> except for servers in the same network. Also, now that we are on that
> issue, do SOLR URLs have checks to guard against penetration attacks as
> the "prod setup" guide is so openly available?
>
> Regards,
> Sid.

Re: How to disable the admin interface

Posted by Siddhartha Singh Sandhu <sa...@gmail.com>.
Hi Shawn and Andrew,

I am on page with you guys about the ssh authentication and communicating
with the APIs that SOLR has to provide. I simply don't want the GUI as it
is nobody will be able to access it once I set the policy on my server
except for servers in the same network. Also, now that we are on that
issue, do SOLR URLs have checks to guard against penetration attacks as
the "prod setup" guide is so openly available?

Regards,
Sid.

On Sun, Oct 4, 2015 at 4:55 AM, Andrea Open Source <
andrearoggerone.osrc@gmail.com> wrote:

> Hi,
> As Shawn is saying, disabling the Admin interface is not the right way to
> go. If you just disable the admin interface users could still run queries
> and you don't want that. The solution that you're looking for, is enabling
> the ssh authentication so only the users with the right certificate can
> query Solr or reach the admin.
>
>
> Kind Regards,
> Andrea Roggerone

Re: How to disable the admin interface

Posted by Andrea Open Source <an...@gmail.com>.
Hi,
As Shawn is saying, disabling the Admin interface is not the right way to go. If you just disable the admin interface users could still run queries and you don't want that. The solution that you're looking for, is enabling the ssh authentication so only the users with the right certificate can query Solr or reach the admin.


Kind Regards,
Andrea Roggerone

> On 04/ott/2015, at 08:11, Shawn Heisey <ap...@elyograg.org> wrote:
> 
>> On 10/3/2015 9:17 PM, Siddhartha Singh Sandhu wrote:
>> I want to disable the admin interface in SOLR. I understand that
>> authentication is available in the solrcloud mode but until that happens I
>> want to disable the admin interface in my prod environment.
>> 
>> How can I do this?
> 
> Why do you need to disable the admin interface?  The admin interface is
> just a bunch of HTML, CSS, and JavaScript.  It downloads code that runs
> inside your browser and turns it into a tool that can manipulate Solr.
> 
> The parts of Solr that need protecting are the APIs that the admin
> interface calls.  When authentication is enabled in the newest Solr
> versions, it is not the admin interface that is protected, it is those
> APIs called by the admin interface.  Anyone can use those APIs directly,
> completely independent of the interface.
> 
> Thanks
> Shawn
> 

Re: How to disable the admin interface

Posted by Shawn Heisey <ap...@elyograg.org>.
On 10/3/2015 9:17 PM, Siddhartha Singh Sandhu wrote:
> I want to disable the admin interface in SOLR. I understand that
> authentication is available in the solrcloud mode but until that happens I
> want to disable the admin interface in my prod environment.
> 
> How can I do this?

Why do you need to disable the admin interface?  The admin interface is
just a bunch of HTML, CSS, and JavaScript.  It downloads code that runs
inside your browser and turns it into a tool that can manipulate Solr.

The parts of Solr that need protecting are the APIs that the admin
interface calls.  When authentication is enabled in the newest Solr
versions, it is not the admin interface that is protected, it is those
APIs called by the admin interface.  Anyone can use those APIs directly,
completely independent of the interface.

Thanks
Shawn