Block/remove access of files

Hi Team,

In dashboard, found that default files of kibana, elastic search are present in the box which are directly accessible from browser.


Please help me to make above url inaccessible .

@ravi_yadav2 In what Kibana version you experience the problem with README.txt being exposed?
Regarding LICENSE.txt: some OSS products, that we use, require to be distributed with the license file.
You might set up your reverse proxy to limit access to any resources in your network.

I am working with Kibana version 7.4.2

I checked artifacts and found only one README.txt in the Kibana root folder, which shouldn't be served.
Are you sure Kibana serves them? Do you have any reverse proxy (Nginx maybe?) running? You can verify this by stopping Kibana and being able to load the files.

Yes , After stopping kibana i am able to access below two files

Then you have to tune your server (Apache, Nginx, etc.) to limit access only to specific resources. Otherwise, it can be a serious source of vulnerabilities.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.