Kibana can't open through nginx

Aniket_Pant · November 15, 2020, 5:22pm

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}
server {
    listen 80;
    server_name 192.168.0.100;
    return 301 https://192.168.0.100;
}

server {
    ## Log location ##
    #access_log /var/log/nginx/kibana.access.log;
    #error_log /var/log/nginx/kibana.error.log;
    ## End ##

    ## (Web) Server Configuration ##
    listen 443 ssl;
    ssl_certificate_key /etc/ssl/private/HELK.key;
    ssl_certificate /etc/ssl/certs/HELK.crt;
    ssl_session_cache shared:SSL:10m;
    ## End ##

    ## Hide Version ##
    server_tokens off;
    ## End ##

    ## Some Hardening/Security ##
    # Web Server Attack (ie: XSS, Clickjacking)
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Frame-Options "SAMEORIGIN";
    # BufferOverflow Hardening
    client_body_buffer_size  500K;
    client_header_buffer_size 1k;
    client_max_body_size 7500k;
    # TLS/SSL
    ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:@STRENGTH";
    ssl_prefer_server_ciphers on;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    # HTTP Methods
    # DELETE is required for some index management
    if ($request_method !~ ^(GET|PUT|POST|DELETE)$ ) {
        return 444;
    }
    ## End ##

    ## Timeout definitions ##
    proxy_connect_timeout 900;
    proxy_send_timeout 600;
    proxy_read_timeout 600;
    client_body_timeout   10;
    client_header_timeout 10;
    keepalive_timeout     10 10;
    send_timeout 10;
    ## End ##

    ## Performance Tuning ##
    gzip             on;
    gzip_comp_level  1;
    gzip_min_length  1000;
    gzip_proxied     expired no-cache no-store private auth;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    ## End ##

    ## Kibana Settings / Kibana Proxy ##
    # Kibana generates really long URI's so need to set this
    large_client_header_buffers 4 64k;

    # Proxy forward to elasticsearch
    location / {
        ## Local Authentication ##
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/htpasswd.users;
        ## End ##  

        proxy_pass https://192.168.0.100:5601;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;     
    }
    ## End ##
}

Topic		Replies	Views
Basic auth on Kibana using nginx Kibana	6	5244	December 31, 2018
Kibana + Shield + NGinx - Thrown back to the login screen Kibana	5	1289	July 6, 2017
500 Internal server Error - Baisc auth on kibana using nginx Kibana	4	3765	March 29, 2019
How to run Kibana with Ngxinx? Kibana docker	2	277	August 28, 2023
Kibana Dashboard login with Nginx reverse proxy Kibana	3	2572	December 8, 2018

Kibana can't open through nginx

Related topics