- Bind Elasticsearch and Kibana to internal interfaces.
- Restrict ports
9200, 5601, 5044 to trusted networks.
- Use TLS for all internal traffic where possible.
¶ Authentication and Access
- Enable built-in security features and user auth.
- Use strong passwords and rotate API keys.
- Set retention and ILM policies for indices.
- Back up critical indices and config regularly.
- Run services as dedicated users.
- Limit file permissions on config and keystores.
- Keep the stack updated.
Do you need help or support? Feel free to contact us!