Authentication ELK Dashboard

Yashwant_Shettigar · March 28, 2019, 10:33am

Hi All,

Recently installed ELK on my server. Now I needed to set up an authentication, to access the dashboard link. Upto some level I have succeeded, but not fully. Authentication works if I access the link with hostname or IP : www.test.com or 10.10.10.10.

But as soon as I access the same link with port 5601, authentication does not work on it. It just loads the dashboard.
Example : 10.10.10.10:5601 or www.test.com:5601

Below is the content of nginx.conf file :

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
worker_connections 1024;
}

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

include /etc/nginx/mime.types;
default_type application/octet-stream;

include /etc/nginx/conf.d/*.conf;
}

=======================

Below is the content of authentication file :

upstream app {
server 10.10.10.10:5601;
keepalive 64;
}

server {
listen 80;
server_name www.test.com;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/htpasswd.users;

location / {
proxy_pass http://app;
}
}

=========================

pup_seba · March 28, 2019, 11:15am

Hi,

I may be wrong here, but with nginx you are listening on port 80, which is the one using the "auth_basic_user_file" with your credentials.

Port 5601, is 'just' kibana.

One thing you could do, is in the case you are using your nginx in the same server as your kibana, is to limit your kibana to only listen to your 127.0.0.1 address. If you are using a separate nginx server to access your kibana, you could either use another nginx in your kibana server for which you connect or just create a firewall rule that limits the access to it from the nginx.

Does this make sense to you?

Yashwant_Shettigar · March 28, 2019, 1:08pm

Thanks for your suggestion. But, I didn't get you.
Just to make clear, I have nginx and kibana on the same server.

pup_seba · March 28, 2019, 1:11pm

Ok. So it is even easier. All you need to do is to make sure you can not reach your kibana from outside, directly to port 5601 and only thru your nginx.

For this, you need to configure kibana to listen to your localhost only, and your nginx to redirect to localhost:5601. With this configuration, only way to reach port 5601, is either by localhost or going through your nginx, which will request an auth.

system · April 25, 2019, 1:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Authentication to Kibana Kibana	5	358	March 6, 2020
Secure my ELK - nginx credentials Kibana	3	1897	April 2, 2019
Kibana Dashboard login with Nginx reverse proxy Kibana	3	2542	December 8, 2018
Kibana + Shield + NGinx - Thrown back to the login screen Kibana	5	1262	July 6, 2017
Embedded Kibana Dashboard Login Kibana	3	499	August 17, 2019

Authentication ELK Dashboard

Related topics