How to secure an Internet-facing Elastic Search implementation in a shared hosting environment?

Posted by casperOne on Server Fault See other posts from Server Fault or by casperOne
Published on 2011-02-27T01:20:27Z Indexed on 2011/02/27 7:26 UTC
Read the original article Hit count: 252

Filed under:
|
|

(Originally asked on StackOverflow, and recommended that I move it here)

I've been going over the documentation for Elastic Search and I'm a big fan and I'd like to use it to handle the search for my ASP.NET MVC app.

That introduces a few interesting twists, however. If the ASP.NET MVC application was on a dedicated machine, it would be simple to spool up an instance of Elastic Search and use the TCP Transport to connect locally.

However, I'm not on a dedicated machine for the ASP.NET MVC application, nor does it look like I'll move to one anytime soon.

That leaves hosting Elastic Search on another machine (in the *NIX world) and I would probably go with shared hosting there.

One of the biggest things lacking from Elastic Search, however, is the fact that it doesn't support HTTPS and basic authentication out of the box. If it did, then this question wouldn't exist; I'd simply host it somewhere and make sure to have an incredibly secure password and HTTPS enabled (possibly with a self-signed certificate).

But that's not the case.

That given, what is a good way to expose Elastic Search over the Internet in a secure way?

Note, I'm looking for something that hopefully, will not require writing code to provide shims for the methods that I want (in other words, writing forwarders).

© Server Fault or respective owner

Related posts about security

Related posts about search