Blog

Disabling security in Elasticsearch: A quick guide

This article will guide you through the process of disabling security in Elasticsearch.

Basics
DP
By: David Pilato

On

Overview

Elasticsearch comes with a robust security feature that helps to protect your data. However, there might be situations where you need to disable this security feature. Although it's not recommended, this article will guide you through the process of disabling security in Elasticsearch.

Understanding Elasticsearch Security

Elasticsearch security features are primarily designed to safeguard your clusters by providing a range of preventative measures. These include authentication, authorization, network encryption, audit logging, and more. While these features are essential for production environments, they might not be necessary during the development or testing phases. In such cases, disabling security can simplify the process.

Steps to Disable Security in Elasticsearch

Before proceeding, it's important to note that disabling security should only be done in a controlled environment and never in a production environment. Here are the steps to disable security in Elasticsearch:

Step 1: Access the Elasticsearch Configuration File

The first step is to access the Elasticsearch configuration file, elasticsearch.yml, which is typically located in the /etc/elasticsearch directory. You can use any text editor to open this file.

Step 2: Disable Security Features

In the elasticsearch.yml file, you will find several settings related to security. To disable security, you need to set the xpack.security.enabled setting to false. Here's how you can do it:

xpack.security.enabled: false

Save the changes and close the file.

Step 3: Restart Elasticsearch

After making the changes, you need to restart Elasticsearch for the changes to take effect. If you’re using a system with systemd, you can use the following command to restart Elasticsearch:

sudo systemctl restart elasticsearch

If you're using a system with SysV Init, you can use the following command instead:

sudo service elasticsearch restart

After restarting, Elasticsearch will operate without the security features.

Verifying the Changes

To verify that the security features have been disabled, you can try to access the Elasticsearch API without any credentials. If the security is disabled, you should be able to access the API without any authentication.

curl -X GET "localhost:9200/_cluster/health?pretty"

If the security is disabled, the above command should return the cluster health status without asking for any credentials.

Re-enabling Security in Elasticsearch

If you need to re-enable security in Elasticsearch, you can do so by setting the xpack.security.enabled setting back to true in the elasticsearch.yml file and then restarting Elasticsearch.

xpack.security.enabled: true

Remember to restart Elasticsearch after making the changes.

Final Thoughts

Disabling security in Elasticsearch can be useful in certain scenarios. However, it's crucial to remember that this should never be done in a production environment as it can expose your data to potential threats. Always ensure that security is enabled in production environments to protect your data and maintain the integrity of your Elasticsearch clusters.

Ready to try this out on your own? Start a free trial.

Want to get Elastic certified? Find out when the next Elasticsearch Engineer training is running!

Related content

How to use the Synonyms UI to upload and manage Elasticsearch synonyms
BasicsAI

October 14, 2025

How to use the Synonyms UI to upload and manage Elasticsearch synonyms

Learn how to use the Synonyms UI in Kibana to create synonym sets and assign them to indices.

JG
By: Jhon Guzmán
How to reduce the number of shards in an Elasticsearch Cluster
Basics

October 8, 2025

How to reduce the number of shards in an Elasticsearch Cluster

Learn how Elasticsearch shards affect cluster performance in this comprehensive guide, including how to get the shard count, change it from default, and reduce it if needed.

AS
By: Alex Salgado
How to deploy Elasticsearch on AWS Marketplace
Basics

October 3, 2025

How to deploy Elasticsearch on AWS Marketplace

Learn how to set up and run Elasticsearch using Elastic Cloud Service on AWS Marketplace in this step-by-step guide.

EM
By: Eduard Martin
HNSW graph: How to improve Elasticsearch performance
Basics

September 29, 2025

HNSW graph: How to improve Elasticsearch performance

Learn how to use the HNSW graph M and ef_construction parameters to improve search performance.

SC
By: Simon Cooper
Elasticsearch plugin for UBI: Analyze user data in Kibana
Basics

September 26, 2025

Elasticsearch plugin for UBI: Analyze user data in Kibana

Discover how to capture user behavior data using the Elasticsearch plugin for UBI and build a custom dashboard in Kibana to analyze it.

EMAD
By: Eduard Martin and Alexander Dávila

Ready to build state of the art search experiences?

Sufficiently advanced search isn’t achieved with the efforts of one. Elasticsearch is powered by data scientists, ML ops, engineers, and many more who are just as passionate about search as your are. Let’s connect and work together to build the magical search experience that will get you the results you want.

Try it yourself