Rohman, In our case, the only nodes that are allowed to hit the Riak cluster are those of our applications. We do not allow access to the Riak nodes from the public Internet. Firewall rules are in place to prevent this in some cases, and in others the Riak nodes themselves are on internal networks. In general I think either of these approaches is sound (I'm happy to be corrected ;)). Perhaps you should look into something similar?
Best regards OJ On 27 May 2011 14:55, Antonio Rohman Fernandez <roh...@mahalostudio.com>wrote: > hello all, > > http://IP:8098/riak?buckets=true [ will show all available buckets on Riak > ] > http://IP:8098/riak/bucketname?keys=true&props=false [ will show all > available keys on a bucket ] > > to me, this proves a very big security risk, as if somebody discovers your > Riak server's IP, is very easy to read all the information from it, even if > you try to obfuscate the buckets/keys... everything is highly readable. > there is any way to disable those options? like {riak_kv_stat, false} hides > the /stats page > > thanks > > Rohman > > [image: line][image: logo] <http://mahalostudio.com> *Antonio Rohman > Fernandez* > CEO, Founder & Lead Engineer > roh...@mahalostudio.com *Projects* > MaruBatsu.es <http://marubatsu.es> > PupCloud.com <http://pupcloud.com> > Wedding Album <http://wedding.mahalostudio.com>[image: line] > > > _______________________________________________ > riak-users mailing list > riak-users@lists.basho.com > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com > > -- OJ Reeves http://buffered.io/
_______________________________________________ riak-users mailing list riak-users@lists.basho.com http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
