We handle many customers and we are running ELk cluster on openstack cloud.
Inorder to secure the elk stack we are planning to secure the http layer with a web server.
We currently secure our application layer with httpd. So naturally the confusion arise in choosing between nginx and httpd.
What would be the best choice to secure elk stack Apache httpd or Nginix?
Any quick help on this topic is much appreciated.
Our current architecture and plannings is not supporting that.
The problem arise when we want to expose the application and kibana over same dns. Further we want to keep single point of entry to our servers 443 and secure it with company signed certificates.
Why not using the company signed certificates within the built-in security solution?
Anyway, it's up to you.
What would be the best choice to secure elk stack Apache httpd or Nginix?
I don't know but I have seen some years ago people using Ngnix for that.
Just be aware that you might think you have secured your cluster but there are some APIs that you probably to consider when not using the built-in security.
Such as:
/_bulk
/_msearch
/_mget
You should probably disable those ones at least. May be some others.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.