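If Elasticsearch port 9200 does not enforce login authentication, data can be stolen or lost. This is the Elasticsearch unauthorized access vulnerability.
1. Change the default port
2. Change the configuration in elasticsearch.yml
Replace network.host: 0.0.0.0 with:
network.bind_host: '內網IP'  # internal (private) IP
network.publish_host: '內網IP'  # internal (private) IP
3. Install the X-Pack plugin
Install the X-Pack plugin in Elasticsearch and add the following to the Elasticsearch configuration file: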
xpack.security.enabled: true
http.cors.enabled: true
http.cors.allow-origin: "*"
Install: ./bin/elasticsearch-plugin install x-pack
Default user and password:
Username: elastic, password: changeme
PHP access parameters:
$params = [
    [
        'host' => 'ip地址',   // IP address
        'port' => '端口號',   // port number
        'scheme' => 'http',
        'user' => '用戶',     // user
        'pass' => '密碼',     // password
    ],
];
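The three steps above can be checked against an existing elasticsearch.yml. The following Python script is an added example, not part of the original note: the function names, finding labels and both sample configurations are constructed for illustration, and it only understands the flat "dotted.key: value" form shown on this page.

```python
import ipaddress

# Constructed sample configs for illustration (not from a real deployment).
WEAK_YML = """\
network.host: 0.0.0.0
http.port: 9200
"""
HARDENED_YML = """\
network.bind_host: '10.0.0.5'   # assumed internal address
network.publish_host: '10.0.0.5'
http.port: 19200
xpack.security.enabled: true
"""

def parse_flat_yaml(text):
    """Parse the flat 'dotted.key: value' lines used in elasticsearch.yml."""
    settings = {}
    for line in text.splitlines():
        line = line.split(" #", 1)[0].strip()   # drop trailing comments
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)
        settings[key.strip()] = value.strip().strip("'\"")
    return settings

def exposed(addr):
    """True if addr is 0.0.0.0/:: or a non-private IP; names are not judged."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.is_unspecified or not ip.is_private

def audit(text):
    """Return findings keyed to the page's three hardening steps."""
    s = parse_flat_yaml(text)
    findings = []
    # Step 1: HTTP still on the default port (an absent key means 9200).
    if s.get("http.port", "9200").split("-")[0] == "9200":
        findings.append("default-port")
    # Step 2: bound to all interfaces or a public IP (no network.* key = loopback).
    if any(exposed(s[k]) for k in ("network.host", "network.bind_host") if k in s):
        findings.append("exposed-bind-address")
    # Step 3: assumption: an absent key is reported, since the page sets it explicitly.
    if s.get("xpack.security.enabled", "false").lower() != "true":
        findings.append("security-not-enabled")
    return findings

if __name__ == "__main__":
    print("weak:", audit(WEAK_YML), "hardened:", audit(HARDENED_YML))
```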