ElasticSearch Security Advisory


Well-known member
If I change network.host to Will this set network.bind_host and network.publish_host to the same value ( automatically?
Yes, you only need to uncomment network.host, you can leave the other 2 variables commented. I made those settings clear on AXIVO rpm /etc/elasticsearch/elasticsearch.yml, as some of them are pretty confusing:
# Network Host
# Sets both 'bind_host' and 'publish_host' settings.
# The default is any (

# Network Bind Host
# Sets the bind address specifically (IPv4 or IPv6).

# Network Published Host
# Sets the address other nodes will use to communicate with this node. If not
# set, it is automatically derived. It must point to an actual IP address.


Well-known member
If you are doing clustering, there is the option: "transport.host"

This allows you to push the node-node traffic onto a private network (using "transport.host: _eth1:ipv4_") while allowing client queries on any interface or just localhost.