A recent vulnerability scan detected a “Elasticsearch Unrestricted Access Information Disclosure” in our Dataminer servers. A quick check revealed that this vulnerability is related to Elasticsearch not restricting access to resources by performing user authentication (https://www.tenable.com/plugins/nessus/101025).
Is there a way we can secure the Elasticsearch instance and have the DMA authenticate when accessing the Elasticsearch instance?
Thanks.
Andrew Teoh [DevOps Member] Selected answer as best 24th January 2025

Hi Andrew, please use the link below for more info on securing your elastic search.
Andrew Teoh [DevOps Member] Selected answer as best 24th January 2025
Hi Ive… Thanks for pointing me in the right direction.. Will try it out…
I see that this question has been inactive for some time. Do you still need help with this? If not, could you select the answer (using the ✓ icon)?