All geek questions in one place

Is it safe on a production server?

I have a database application (or search engine) called Solr.

I connect to it through port 8983.

I do this from PHP code, so I add and remove entries from it through php.

I have a firewall on my server.

I set this firewall to allow connections to and from this port (8983) only from the IP address of my own server. In other words, only allow IP servers access to this port.

It is safe? Or am I still not thinking so? Will others be able to "simulate" my IP address and act as a server?

This is because otherwise, others can add / remove entries as they want from their own IP addresses ...

thank

+3
source share
4 answers

It might be a good idea to also block all outgoing traffic from port 8983 on the server anywhere except your own server IP address. This, in addition to deleting a packet to this port from a server other than yours, will double guarantee that even if someone can modify the daemon listening on port 8983 on the server, allowing it to reflect traffic on another host, it will how to leave the computer.

+3
source

Yes, you are safe until no one gains control of your local server.

Solr "localhost" "127.0.0.1", "0.0.0.0", . , .

+2

, , . , , - script .

theatrus localhost.

, ,

ssh -l 8983: localhost: 8983 solr.server

. ( , ). .

, solr IDE, , . , .

0

. IP-, TCP- - . , nmap.

, - , PHP.

0

Source: https://habr.com/ru/post/1747775/

More articles:


All Articles