最近在docker上装了一台elasticesearch, 被安全部门扫描出弱密码漏洞,
修复之:
cd /usr/share/elasticsearch/config vim config/elasticsearch.yml http.basic.enabled true http.basic.user "admin" http.basic.password "admin123456" http.basic.ipwhitelist ["localhost", "127.0.0.1"]
https://www.cnblogs.com/xiaozi/p/8275201.html
打开basic认证太烦, 不利于学习~~ 就加一个白名单看看可以修复不.
经过验证,,,, 不能用.可能是版本太新
导致docker 都起不来了.起不来的解决办法
docker cp 84a215389de8:/usr/share/elasticsearch/config/elasticsearch.yml elasticsearch.yml 修复 docker cp elasticsearch.yml 84a215389de8:/usr/share/elasticsearch/config/elasticsearch.yml