Documentation

Managing InfluxDB security

This page documents an earlier version of InfluxDB. InfluxDB v2.6 is the latest stable version.

Some customers may choose to install InfluxDB with public internet access, however doing so can inadvertently expose your data and invite unwelcome attacks on your database.

If InfluxDB is being deployed on a publicly accessible endpoint, we strongly recommend authentication be enabled. Otherwise the data will be publicly available to any unauthenticated user.

Check out the sections below for how protect the data in your InfluxDB instance.

Enabling authentication

Password protect your InfluxDB instance to keep any unauthorized individuals from accessing your data.

Resources: Set up Authentication

Managing users and permissions

Restrict access by creating individual users and assigning them relevant read and/or write permissions.

Resources: User Types and Privileges, User Management Commands

Enabling HTTPS

Using HTTPS secures the communication between clients and the InfluxDB server, and, in some cases, HTTPS verifies the authenticity of the InfluxDB server to clients (bi-directional authentication).

Resources: Enabling HTTPS

Securing your host

Ports

If you’re only running InfluxDB, close all ports on the host except for port 8086. You can also use a proxy to port 8086.

InfluxDB uses port 8088 for remote backups and restores. We highly recommend closing that port and, if performing a remote backup, giving specific permission only to the remote machine.

AWS recommendations

We recommend implementing on-disk encryption; InfluxDB does not offer built-in support to encrypt the data.


Was this page helpful?

Thank you for your feedback!


Set your InfluxDB URL

Linux Package Signing Key Rotation

All signed InfluxData Linux packages have been resigned with an updated key. If using Linux, you may need to update your package configuration to continue to download and verify InfluxData software packages.

For more information, see the Linux Package Signing Key Rotation blog post.

InfluxDB Cloud backed by InfluxDB IOx

All InfluxDB Cloud organizations created on or after January 31, 2023 are backed by the new InfluxDB IOx storage engine. Check the right column of your InfluxDB Cloud organization homepage to see which InfluxDB storage engine you’re using.

If powered by IOx, this is the correct documentation.

If powered by TSM, see the TSM-based InfluxDB Cloud documentation.

InfluxDB Cloud backed by InfluxDB TSM

All InfluxDB Cloud organizations created on or after January 31, 2023 are backed by the new InfluxDB IOx storage engine which enables nearly unlimited series cardinality and SQL query support. Check the right column of your InfluxDB Cloud organization homepage to see which InfluxDB storage engine you’re using.

If powered by TSM, this is the correct documentation.

If powered by IOx, see the IOx-based InfluxDB Cloud documentation.

State of the InfluxDB Cloud (IOx) documentation

The new documentation for InfluxDB Cloud backed by InfluxDB IOx is a work in progress. We are adding new information and content almost daily. Thank you for your patience!

If there is specific information you’re looking for, please submit a documentation issue.