- Community Home
- >
- Storage
- >
- Midrange and Enterprise Storage
- >
- HPE 3PAR StoreServ Storage
- >
- 3PAR quorum couchdb security
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-19-2018 08:13 AM
11-19-2018 08:13 AM
3PAR quorum couchdb security
Hello all,
Have someone experiance with the security on the couchdb which is used on the quorum server. Is it possible to add a security password on it, to prevent a non password connection. Or is it used by the controllers to communicate, in a peer persistance configuration.
Normally it is a way that can be used to check if it's running:
with response: {"couchdb":"Welcome","version":"1.0.4"}
With regards,
Otto
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2018 01:42 AM
11-30-2018 01:42 AM
Re: 3PAR quorum couchdb security
This is security volunerability issue. Which would be fixed in the next release of Quorum Witness which would be expected to release next year ( 2019). As of now we have below available action plan as a workaround ;
- Add new firewall rules to allow access to port 8080 from the 3PAR arrays allowed access to the Quorum Witness and to block access to all others.
iptables -I INPUT 1 -p tcp –dport 8080 -s <ip-addr-array1> -j ACCEPT
iptables -I INPUT 2 -p tcp –dport 8080 -s <ip-addr-array2> -j ACCEPT
<add rules for additional 3PAR arrays sharing the quorum witness> iptables -I INPUT 3 -p tcp –dport 8080 -j DROP
- Save the firewall rules:
/etc/init.d/iptables save
- Restart the firewall with the newly saved rules:
/etc/init.d/iptables restart
- Verify that the rules are as expected (the 3 news rules are at the top).
iptables -L