Typesense - Hardened Open-Source Search Engine on Ubuntu 24.04

This product has charges associated with it for hardening, security configuration, and support. Typesense is an open-source, typo-tolerant search engine built for speed - a self-hosted alternative to Algolia and a simpler, developer-friendly option compared to Elasticsearch. Unlike bare Typesense deployments that have no authentication and expose the API to all interfaces, this build is secure by default: unique API key at first boot, UFW firewall pre-configured, and CIS Level 1 hardened Ubuntu 24.04 LTS base. Instant search with typo tolerance, faceting, filtering, and vector search - production-ready in minutes.

View purchase options

Try for free

Overview

Try agent mode

Create proposal

Ask question

This is a repackaged software product wherein additional charges apply for hardening, security configuration, and support.

WHAT IS TYPESENSE

Typesense is an open-source, typo-tolerant search engine written in C++ for speed and simplicity. It is designed as a developer-friendly alternative to Algolia (self-hosted, no per-search pricing) and a lighter-weight alternative to Elasticsearch (no JVM, no cluster setup required for single-node deployments).

Typesense supports instant search with typo tolerance, faceted navigation, filtering, geo search, vector search, and hybrid search (keyword + semantic). It is used in e-commerce search, documentation search, SaaS product search, and any application requiring sub-50ms search responses.

Port: 8108 (REST API + Web UI dashboard).

WHY SELF-HOST YOUR SEARCH ENGINE

Cloud search-as-a-service pricing scales with query volume and record count. For applications with high search traffic or large document collections, self-hosted Typesense eliminates per-search and per-record fees entirely. Your data stays within your own VPC - no third-party search provider receives your documents or queries.

ENHANCED SECURITY OUT OF THE BOX

Out of the box, Typesense starts without authentication and binds to all network interfaces, exposing the API to anyone who can reach the instance. Enabling API key authentication, restricting network access, and hardening the underlying OS requires careful manual configuration.

This AMI pre-configures all of these for you at first boot.

WHAT THIS AMI ADDS

Security defaults:

Unique API key generated per instance at first boot - no default empty key
UFW firewall - port 8108 open only; SSH on 22; all other ports blocked
fail2ban - SSH brute-force protection
AppArmor - mandatory access control

OS hardening (CIS Level 1):

CIS Ubuntu 24.04 LTS Level 1 benchmark applied via ansible-lockdown
auditd - system call auditing
SSH hardening - PasswordAuthentication disabled, key-only access
Kernel hardening - SYN cookies, ASLR, rp_filter, TCP BBR
IMDSv2 enforced - SSRF protection

Compliance artifacts (inside the AMI):

SBOM - CycloneDX 1.6 software bill of materials at /etc/lynxroute/sbom.json
CIS Conformance Report - OpenSCAP HTML report at /etc/lynxroute/cis-report.html
Tailored CIS profile - documents all applied controls and any deviations at /usr/share/doc/lynxroute/CIS_TAILORED_PROFILE.md

Quick Start:

Launch instance (t3.medium recommended)
SSH: ssh -i key.pem ubuntu@<PUBLIC_IP>
Read credentials: sudo cat /root/typesense-credentials.txt
Open Security Group - allow TCP 8108 from your IP
Test: curl -H "X-TYPESENSE-API-KEY: <api_key>" http://<PUBLIC_IP>:8108/health

Credentials and API key are saved to /root/typesense-credentials.txt at first boot. Important: never expose port 8108 to 0.0.0.0/0 without restricting to trusted IPs - the API key is the only authentication layer.

Highlights

Typesense secure by default: unique API key per instance, UFW firewall pre-configured - the search API is not exposed to the internet out of the box.
CIS Level 1 hardened Ubuntu 24.04 LTS: auditd, fail2ban, AppArmor, SSH key-only, IMDSv2 enforced, SBOM and CIS Conformance Report included for compliance and audit teams.
Self-hosted Algolia alternative: typo tolerance, faceted search, vector search, and hybrid search with no per-query pricing - your documents stay within your own VPC.

Details

Sold by

Lynxroute

Introducing multi-product solutions

You can now purchase comprehensive solutions tailored to use cases and industries.

Learn more

Explore multi-product solutions

Features and programs

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Pricing

Free trial

Try for free

Try this product free for 5 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

Typesense - Hardened Open-Source Search Engine on Ubuntu 24.04

Info

View purchase options

Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.

Usage costs (6)

Info

Dimension	Cost/hour
t3.medium Recommended	$0.10
t3.micro	$0.05
t3.large	$0.12
t3.small	$0.07
m6i.xlarge	$0.20
m6i.large	$0.15

Vendor refund policy

We do not offer refunds for this product. AWS infrastructure charges (EC2, EBS, data transfer) are billed separately by AWS and are not refundable by us. If you experience technical issues with the AMI, please contact us at support@lynxroute.com before requesting a refund.

How can we make this page better?

We'd like to hear your feedback and ideas on how to improve this page.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Delivery details

64-bit (x86) Amazon Machine Image (AMI)

Amazon Machine Image (AMI)

An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

Version release notes

Version 30.2 - Initial release (April 2026)

Typesense 30.2 on Ubuntu 24.04 LTS
CIS Level 1 hardening applied (ansible-lockdown/UBUNTU24-CIS)
Unique API key generated per instance at first boot - no default empty key
REST API on port 8108 - configure Security Group to restrict access to trusted IPs
Python client pre-installed with quickstart examples at /usr/local/share/typesense-examples/
UFW firewall pre-configured (ports 22 and 8108 only)
fail2ban, auditd, AppArmor pre-configured
SBOM (CycloneDX 1.6) at /etc/lynxroute/sbom.json
CIS Conformance Report (OpenSCAP) at /etc/lynxroute/cis-report.html
Tailored CIS profile with documented controls at /usr/share/doc/lynxroute/CIS_TAILORED_PROFILE.md
IMDSv2 enforced

Additional details

Usage instructions

Launch instance (t3.medium recommended)
SSH: ssh -i key.pem ubuntu@<PUBLIC_IP>
Read credentials: sudo cat /root/typesense-credentials.txt
Open Security Group - allow TCP 8108 from your IP
Test: curl -H "X-TYPESENSE-API-KEY: <api_key>" http://<PUBLIC_IP>:8108/health

Resources

Vendor resources

Documentation

Support

Vendor support

Visit us online

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Typesense on CentOS Stream 9 with support by ThinkCloud

By ThinkCloud

This product has charges associated with it for seller support. This is open source software, which is repackaged by ThinkCloud. The additional cost is applicable to the extended support of 24-hour response time. This AMI contains Typesense 27.1 on CentOS Stream 9 and includes support.

View product

Websoft9 Applications Hosting Platform

By Websoft9

This product has charges associated with it for Websoft9 support. Pre-configured, web-based, cloud-native, secure, one-click to deploy Websoft9 Applications Hosting Platform on AWS. Websoft9 is a lightweight, self-hosting PaaS that allows you to deploy multiple applications on your own cloud infrastructure.

View product

Customer reviews

Leave a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 reviews

No customer reviews yet

Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.