Skip to content

Solr Credentials

Service Name: Apache Solr

Service Description: Apache Solr is an open-source enterprise search platform built on Apache Lucene. It provides distributed indexing, replication, load-balanced querying, automated failover and recovery, centralized configuration, and more. Solr powers the search and navigation features of many large internet sites.

Service Address: https://solr.apache.org/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured through Solr security plugins and firewall rules at the server level.

Secret Access Scope: Grants access to Solr instances, allowing operations such as querying, indexing, administration, and configuration management depending on the permission level of the credentials.

Secret Revokement URL: Does not exist (managed through Solr's security configuration files)

Secret Example: username:password or solr-admin:S0lr@dm1n2023!

Suspicious Activity Investigation Instructions:

  • Review Solr logs for unusual query patterns or high volumes of requests
  • Check for unauthorized schema modifications or collection creation
  • Monitor for unusual data indexing operations or bulk deletions
  • Examine access logs for connections from unexpected IP addresses
  • Look for attempts to access the Solr admin interface from unauthorized sources
  • Check for unusual JMX operations if JMX is enabled

Mitigation Instructions:

  • Change the compromised credentials immediately in Solr's security

configuration

  • Update the security.json file with new credentials
  • Restart the Solr service to apply the security changes
  • Consider implementing or updating Solr's authentication plugins (Basic

Authentication, JWT, Kerberos)

  • Enable request logging to track future access attempts
  • Implement IP filtering to restrict access to trusted networks only
  • Consider setting up a reverse proxy in front of Solr for additional security
  • Review and update your Solr security configuration to follow best practices