The Solr engine is no public service within the CMCC architecture. Therefore, any external requests should be blocked by a firewall.

Index update requests (like "delete all") from internal computers should be restricted by Basic Authentication. For details, see Solr Reference Guide: Securing Solr. All related CMCC components are capable of Solr Basic Authentication and feature the configuration properties solr.username and solr.password to set the credentials.