I recently discovered Solr (Jetty to be specific) binds to "::" by default, which is the ipv6 equivalent to "0.0.0.0". It essentially opened the Solr instance to the world.<p>I luckily caught it before indexing any data, but it opened my eyes to how easy it is for something like this to slip by. How can we prevent such things from happening?<p>I have since installed ufw and block all incoming traffic except to ports 22, 80 and 443 as a "layer" of defense (my thinking is, I won't accidentally expose a port this way).
This is <i>exactly</i> what firewalls are for. Your "layer" of defense is <i>the</i> defense. If you want another layer, then set up another firewall further along the network.