I have setup website that uses embedded iframes embed=true in url by modifying kibana config file:
But nowI don't want any users to figure out that removing "embed=true" from the querystring will take them directly into the Kibana page with all the admin options enabled I want any requests that does not contain "embed=true" to be denied from the nginx proxy server or Kibana settings. I'm hoping this would be possible in NGINX configuration file. But I cannot figure out how. Because "embed=true" is part of querystring but not route. Or is this possible in Kibana settings somehow?
So for requests like below I want to return 403 Forbidden.