Question about security

Gary Smith gary.smith at
Wed Jan 12 13:17:14 EST 2011

> Hi,
> Newbie question. I am trying to find documentation about Riak security.
> I have seen
> but I could not find much on access control.
> Is it possible to secure access to Riak nodes? Does it offer something
> similar to (i.e. remote login)?
> I read somewhere that Riak does not use encryption for exchange between
> nodes. Is this (still) correct? What about communication with users
> applications?
> If the answer to the above question is no, then how can one secure a
> Riak system properly?

Put an apache (or whatever) server in front and proxy the requests accordingly and setup the security through the underlying web service.  

You -> [ apache -> riak ] (where [] is the box).


You -> apache -> riak (where riak only allows requests from the apache server via the firewall on the riak server -- such as iptables)

The same problem exists in technologies like memcached.   

More information about the riak-users mailing list