Manage security in InfluxDB Enterprise

Some customers may choose to install InfluxDB Enterprise with public internet access, however doing so can inadvertently expose your data and invite unwelcome attacks on your database. Check out the sections below for how protect the data in your InfluxDB Enterprise instance.

Enable authentication

Password protect your InfluxDB Enterprise instance to keep any unauthorized individuals from accessing your data.

Resources: Set up Authentication

Manage users and permissions

Restrict access by creating individual users and assigning them relevant read and/or write permissions.

Resources: User types and privileges, User management commands, Fine-grained authorization

Enable HTTPS

Using HTTPS secures the communication between clients and the InfluxDB server, and, in some cases, HTTPS verifies the authenticity of the InfluxDB server to clients (bi-directional authentication). The communicatio between the meta nodes and the data nodes are also secured via HTTPS.

Resources: Enabling HTTPS

Secure your host


For InfluxDB Enterprise data nodes, close all ports on each host except for port 8086. You can also use a proxy to port 8086. By default, data nodes and meta nodes communicate with each other over ‘8088’,‘8089’,and'8091’

For InfluxDB Enterprise, backing up and restoring is performed from the meta nodes.

AWS Recommendations

InfluxData recommends implementing on-disk encryption; InfluxDB does not offer built-in support to encrypt the data.

Was this page helpful?

Thank you for your feedback!

Set your InfluxDB URL

Introducing InfluxDB 3.0

The new core of InfluxDB built with Rust and Apache Arrow. Available today in InfluxDB Cloud Dedicated.

Learn more

State of the InfluxDB Cloud Serverless documentation

The new documentation for InfluxDB Cloud Serverless is a work in progress. We are adding new information and content almost daily. Thank you for your patience!

If there is specific information you’re looking for, please submit a documentation issue.