Redirect URLs that detect vulnerabilities to kibana HomePage or change their content to 404

Dear All,

I have 3 elasticsearh, 2 kibana and 2 logtsash in 1 cluster with versions elasticsearch and kibana 8.11.3

after carrying out a VA scan on the ELK cluster, the vulnerabilities "Web Server Misconfiguration: Unprotected File" and "Privacy Violation" were detected for the same URL, namely: https://IpAddress:443/68312/bundles/plugin/ apm/1.0.0/apm.chunk.5.js

is it possible to redirect this URL to Kibana Homepage? or change the contents of the URL so that when opened it becomes 404?


Can anyone help me resolve this issue?

It would be beneficial to set up a reverse proxy. That would allow end users to access the Kibana service through a configurable portal. An advantage with reverse proxies is that they can be tailored with specific redirect rules, like the kind you’re interested in.