The http module allows to expose elasticsearch APIs over HTTP.

The http mechanism is completely asynchronous in nature, meaning that there is no blocking thread waiting for a response. The benefit of using asynchronous communication for HTTP is solving the C10k problem.

When possible, consider using HTTP keep alive when connecting for better performance and try to get your favorite client not to do HTTP chunking.


The following are the settings that can be configured for HTTP:

Setting Description


A bind port range. Defaults to 9200-9300.


The host address to bind the HTTP service to. Defaults to (if set) or network.bind_host.


The host address to publish for HTTP clients to connect to. Defaults to (if set) or network.publish_host.

Used to set the http.bind_host and the http.publish_host Defaults to or


The max content of an HTTP request. Defaults to 100mb


The max length of an HTTP URL. Defaults to 4kb


The max size of allowed headers. Defaults to 8kB


Support for compression when possible (with Accept-Encoding). Defaults to false.


Defines the compression level to use. Defaults to 6.


Enable or disable cross-origin resource sharing, i.e. whether a browser on another origin can do requests to Elasticsearch. Defaults to false.


Which origins to allow. Defaults to *, i.e. any origin. If you prepend and append a / to the value, this will be treated as a regular expression, allowing you to support HTTP and HTTPs. for example using /https?:\/\/localhost(:[0-9]+)?/ would return the request header appropriately in both cases.


Browsers send a "preflight" OPTIONS-request to determine CORS settings. max-age defines how long the result should be cached for. Defaults to 1728000 (20 days)


Which methods to allow. Defaults to OPTIONS, HEAD, GET, POST, PUT, DELETE.


Which headers to allow. Defaults to X-Requested-With, Content-Type, Content-Length.


Whether the Access-Control-Allow-Credentials header should be returned. Note: This header is only returned, when the setting is set to true. Defaults to false


Enable or disable HTTP pipelining, defaults to true.


The maximum number of events to be queued up in memory before a HTTP connection is closed, defaults to 10000.

It also uses the common network settings.

Disable HTTPedit

The http module can be completely disabled and not started by setting http.enabled to false. This make sense when creating non data nodes which accept HTTP requests, and communicate with data nodes using the internal transport.