Thats an interesting topic cause the original idea was to secure it via ssl. If you have no ssl configued for inter-node communication its curently possible for a node to join the cluster but then, once joined, the permissions for every user are evaluated. we are a little bit unsure which direction to go: 1) make internode ssl more or less mandatory or 2) secure the cluster also without ssl against foreign nodes. But solution 2) will still need some crypto stuff which will decrease performance. Is internode ssl for you really a performance killer? have you do some measurements here?
> 995,"balance":21153,"firstname":"Phelps","lastname":"Parrish","age":25,"gender":"M","address":"666 Miller Place","employer":"Pearlessa","email":"
phelps...@pearlessa.com","city":"Brecon","state":"ME"}
> }
>
> Is there any configuration that I have to change to be able to stop unauthenticated requests interacting with search-guard enabled nodes ?
> Thanks for your awesome work, have a great day
>
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
search-guard...@googlegroups.com.
> To post to this group, send email to
search...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/search-guard/ad569383-78ee-403a-92b5-2458f780c2ef%40googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.