Some customers may choose to install InfluxDB Enterprise with public internet access, however doing so can inadvertently expose your data and invite unwelcome attacks on your database. Check out the sections below for how protect the data in your InfluxEB Enterprise instance.
Password protect your InfluxDB Enterprise instance to keep any unauthorized individuals from accessing your data.
Resources: Set up Authentication
Manage users and their permissions
Restrict access by creating individual users and assigning them relevant read and/or write permissions.
Set up HTTPS
Using HTTPS secures the communication between clients and the InfluxDB server, and, in some cases, HTTPS verifies the authenticity of the InfluxDB server to clients (bi-directional authentication). The communicatio between the meta nodes and the data nodes are also secured via HTTPS.
Resources: HTTPS Setup
Secure your host
For InfluxDB Enterprise data nodes, close all ports on each host except for port
You can also use a proxy to port
8086. By default, data nodes and meta nodes communicate with each other over ‘8088’,‘8089’,and’8091’
For InfluxDB Enterprise, backups and restores is performed from the meta nodes.
We recommend implementing on-disk encryption; InfluxDB does not offer built-in support to encrypt the data.