Authentication ELK Dashboard

Hi All,

Recently installed ELK on my server. Now I needed to set up an authentication, to access the dashboard link. Upto some level I have succeeded, but not fully. Authentication works if I access the link with hostname or IP : www.test.com or 10.10.10.10.

But as soon as I access the same link with port 5601, authentication does not work on it. It just loads the dashboard.
Example : 10.10.10.10:5601 or www.test.com:5601

Below is the content of nginx.conf file :

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
worker_connections 1024;
}

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

include /etc/nginx/mime.types;
default_type application/octet-stream;

include /etc/nginx/conf.d/*.conf;
}

=======================

Below is the content of authentication file :

upstream app {
server 10.10.10.10:5601;
keepalive 64;
}

server {
listen 80;
server_name www.test.com;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/htpasswd.users;

location / {
proxy_pass http://app;
}
}

=========================

Hi,

I may be wrong here, but with nginx you are listening on port 80, which is the one using the "auth_basic_user_file" with your credentials.

Port 5601, is 'just' kibana.

One thing you could do, is in the case you are using your nginx in the same server as your kibana, is to limit your kibana to only listen to your 127.0.0.1 address. If you are using a separate nginx server to access your kibana, you could either use another nginx in your kibana server for which you connect or just create a firewall rule that limits the access to it from the nginx.

Does this make sense to you?

Thanks for your suggestion. But, I didn't get you.
Just to make clear, I have nginx and kibana on the same server.

Ok. So it is even easier. All you need to do is to make sure you can not reach your kibana from outside, directly to port 5601 and only thru your nginx.

For this, you need to configure kibana to listen to your localhost only, and your nginx to redirect to localhost:5601. With this configuration, only way to reach port 5601, is either by localhost or going through your nginx, which will request an auth.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.