How did you have it open to the Internet? Couldn't someone just DELETE everythin... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		MichaelGG on May 15, 2015 \| parent \| context \| favorite \| on: Remote Code Execution in Elasticsearch – CVE-2015-... How did you have it open to the Internet? Couldn't someone just DELETE everything? Or what kind of setup/restriction did you have?

skua on May 15, 2015 [–]

It was served through a proxy script, but actual ES instance was accessible to anyone and yes anyone could delete documents, groovy dynamic scripting was also enabled. Stupid setup I know... Our documents were not touched, but our servers were used to ddos something.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact