Company:
Date Published:
Author: Lee Hinman
Word count: 890
Language: -
Hacker News points: None

Summary

Elasticsearch has implemented several security measures in its 1.2.x release to enhance the protection of its nodes, including changing default settings to restrict outside access and disabling dynamic scripting by default. Users are advised to avoid running Elasticsearch as a public-facing service and to ensure it operates behind a firewall, with ports 9200 and 9300 blocked from unauthorized access. Running Elasticsearch as a dedicated non-root user is recommended for increased security. Disabling dynamic scripting, which was previously enabled by default, mitigates the risk of arbitrary code execution through scripts that exploit the Java Virtual Machine. Instead, scripts should be stored in files within the config/scripts directory to maintain security while allowing functionality. Recent attacks exploiting publicly available Elasticsearch servers have prompted guidance on monitoring for breaches, such as unusual system load and modifications to critical system files. Elasticsearch encourages users to report vulnerabilities promptly to maintain system safety and integrity.