Skip to main content

Indexing

In IndexingController we have methods to monitor and run indexing.

Elasticsearch Query Protection

To prevent DoS attacks through excessive query sizes, Hanami enforces configurable limits on Elasticsearch queries:

Configuration Parameters

  • HANAMI_ES_MAX_RESULTS (default: 10000): Maximum number of results that can be requested in a single query
  • HANAMI_ES_MAX_WINDOW (default: 10000): Maximum value for from + size combination (pagination depth limit)

These parameters can be set as environment variables or in external customer.yml configuration:

hanami:
elasticsearch:
query:
maxResultsLimit: ${HANAMI_ES_MAX_RESULTS:10000}
maxWindow: ${HANAMI_ES_MAX_WINDOW:10000}

When a query exceeds these limits, the system automatically reduces the request to the maximum allowed values and logs a warning. This prevents memory exhaustion attacks while maintaining normal functionality for legitimate queries.

Check if indexing is running

GET /api/admin/index/is-running

A call without any parameters returns true if indexing is running, false otherwise.

Index a full workspace

POST /api/admin/index?workspace=…&clear=…
  • workspace, URI of the workspace
  • clear, an optional parameter of type boolean; if true, it will clear all data from the workspace

Runs a full indexing process on the workspace and updates all collection indexes.

Index a collection

POST /api/admin/index/collection?collection=…
  • collection, URI of the collection
  • clear, an optional parameter of type boolean; if true, it will clear all data from the workspace

Runs an indexing process on the specific collection and updates the indexes.

Index a list of items

POST /api/admin/index/items?collection=…&item=…
  • collection, URI of the collection
  • item, a list of item URIs

Runs an indexing process on the specified list of items.