← All Guides
🗄️
How to Secure Exposed Elasticsearch
Secure your exposed Elasticsearch cluster
Port 9200 · Databases
Step 1.Enable security
Enable X-Pack security to require authentication.
# elasticsearch.yml xpack.security.enabled: true
Step 2.Bind to localhost
Change network.host to only listen locally.
# elasticsearch.yml network.host: 127.0.0.1
Step 3.Set passwords
Generate passwords for built-in users.
bin/elasticsearch-setup-passwords auto
Step 4.Firewall the port
Block port 9200 from the internet.
sudo ufw deny 9200
After fixing:Use our Self-Check Tool to verify the port is no longer exposed.