[Archivesspace_Users_Group] Security question

Chris Fitzpatrick Chris.Fitzpatrick at lyrasis.org
Wed Jun 3 06:41:15 EDT 2015


Hi Rick,


I think this would be a false positive, since it's the Solr index that runs on port 8090.


However, its strongly recommend that Solr be firewalled off so that the only clients accessing it are your own. That means only allowing access from whatever host your backend, frontend, public, and indexer are running on.


b,chris.


Chris Fitzpatrick | Developer, ArchivesSpace
Skype: chrisfitzpat  | Phone: 918.236.6048
http://archivesspace.org/
________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Neal, Rick <rneal at richmond.edu>
Sent: Tuesday, June 2, 2015 9:49 PM
To: Archivesspace Users Group
Subject: [Archivesspace_Users_Group] Security question


Hello All,



I am running a security scan on our Archivesspace test server and received a notice that I have a 'Browsable web directory'.



I have removed 'Indexes' from the httpd.conf file but the directory is still browsable on http://servername:8090.



Any thoughts on how to stop this from occurring would be appreciated.



Thanks,



Rick



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rick Neal

Library Applications and Systems Administrator

Boatwright Memorial Library

University of Richmond, VA 23173



rneal at richmond.edu


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20150603/21ec2557/attachment.html>


More information about the Archivesspace_Users_Group mailing list