Solr should only be accessible to the frevvo server, i.e. at http://localhost:8983/, and should not be remotely accessible. Most customers don't allow external HTTP access to a server (only HTTPS). Since Solr is not exposed over HTTPS (at least it shouldn't be, from a security perspective), the remote code execution vulnerability is mitigated: a remote attacker cannot exploit it because Solr is not exposed. Another option to enhance Solr security is to block external access to port 8983, for example using firewall rules.
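
One way to verify on a Linux host that Solr is listening on loopback only, as described above. This is an added example, not part of the frevvo documentation; it assumes the iproute2 `ss` tool and Solr on port 8983, and the function names and sample socket lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report Solr listeners on port 8983 that are not loopback-only.
# Input format is `ss -ltnH` (Linux iproute2): field 4 is Local-Address:Port.
SOLR_PORT=8983   # port named on the page

# Reads `ss -ltnH` lines on stdin and prints every non-loopback address that
# listens on $SOLR_PORT. Returns 0 if none is found, 1 otherwise.
exposed_solr_listeners() {
    awk -v port="$SOLR_PORT" '
    {
        n = split($4, parts, ":")
        if (parts[n] != port) next                 # some other service
        addr = substr($4, 1, length($4) - length(parts[n]) - 1)
        sub(/%[^:]*$/, "", addr)                   # drop an interface zone (%eth0)
        gsub(/^\[|\]$/, "", addr)                  # drop IPv6 brackets
        if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) next
        print addr                                 # wildcard or routable bind
        found = 1
    }
    END { exit (found ? 1 : 0) }'
}

# Constructed sample: Solr bound to loopback only (the intended state).
sample_loopback_only() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 50 [::ffff:127.0.0.1]:8983 *:*
EOF
}

# Constructed sample: Solr bound to the wildcard address (all interfaces).
sample_exposed() {
    cat <<'EOF'
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 50 *:8983 *:*
EOF
}

for sample in sample_loopback_only sample_exposed; do
    if "$sample" | exposed_solr_listeners; then
        echo "$sample: Solr is loopback-only"
    else
        echo "$sample: Solr listens on the address above; rebind it or firewall port $SOLR_PORT"
    fi
done
# On a live host: ss -ltnH | exposed_solr_listeners
```

A wildcard bind is reported even when a firewall already blocks port 8983, so a hit means the firewall rule is the only control in place.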