Indexing
In IndexingController
we have methods to monitor and run indexing.
Elasticsearch Query Protection
To prevent DoS attacks through excessive query sizes, Hanami enforces configurable limits on Elasticsearch queries:
Configuration Parameters
HANAMI_ES_MAX_RESULTS
(default: 10000): Maximum number of results that can be requested in a single queryHANAMI_ES_MAX_WINDOW
(default: 10000): Maximum value forfrom + size
combination (pagination depth limit)
These parameters can be set as environment variables or in external customer.yml
configuration:
hanami:
elasticsearch:
query:
maxResultsLimit: ${HANAMI_ES_MAX_RESULTS:10000}
maxWindow: ${HANAMI_ES_MAX_WINDOW:10000}
When a query exceeds these limits, the system automatically reduces the request to the maximum allowed values and logs a warning. This prevents memory exhaustion attacks while maintaining normal functionality for legitimate queries.
Check if indexing is running
GET /api/admin/index/is-running
A call without any parameters returns true
if indexing is running, false
otherwise.
Index a full workspace
POST /api/admin/index?workspace=…&clear=…
- workspace, URI of the workspace
- clear, an optional parameter of type
boolean
; iftrue
, it will clear all data from the workspace
Runs a full indexing process on the workspace and updates all collection indexes.
Index a collection
POST /api/admin/index/collection?collection=…
- collection, URI of the collection
- clear, an optional parameter of type
boolean
; iftrue
, it will clear all data from the workspace
Runs an indexing process on the specific collection and updates the indexes.
Index a list of items
POST /api/admin/index/items?collection=…&item=…
- collection, URI of the collection
- item, a list of item URIs
Runs an indexing process on the specified list of items.