On my development system I have a Solr server running that is queried by a local web application using Ajax-Solr.
I guess on a production system I have to protect the Solr server somehow that only query requests can be made that are predefined.
What is the best way for such a protection? Does (swiss army knife) Solr also have something like that built in? Or do I have to use a proxy server? If yes, what would be an easy one to setup?
one option you can do is set up a reverse proxy on an apache server, that translates a url into the solr request. you can do this by simply only making a reverse proxy entry for the "select" or "spell" function of solr, so: mydomain.com/solr_search could point to localhost:8080/solrname/select|spell
then you lock down the solr port so it can only be used by local host requests.