From the administrative command prompt, type the following command with the name you gave to the Insight Server service:
sc config frevvoforms depend= <name of the Insight Server service>
Solr should only be accessible to the frevvo server i.e. , and should not be remotely accessible. Most customers don’t allow external http access to a server (only https). Since solr is not exposed over https (at least it shouldn't be from a security perspective), remote code execution vulnerability can be mitigated (a remote attacker cannot exploit this vulnerability as it is not exposed). Another option is to block external access to port 8983, for example using firewall rules.
frevvo accesses solr via the client API and does not use velocity. It also encodes all solr query parameters, so it is not possible to attack via injection.