Reputation: 6490
nginx enable authentication on specific port
I am trying to protect the URL of my Kibana server with a password.
If I type http://192.168.1.2 in the browser, I am getting prompted for a username/password, but if I query the port 5601 directly via http://192.168.1.2:5601 then I can bypass the nginx proxy auth.
Note that both nginx and Kibana run on the same server.
I tried different combinations of "localhost" "0.0.0.0" or "127.0.0.1" as the listening source address but none of them worked. I can still easily bypass the proxy.
What am I doing wrong?
here's my /etc/nginx/nginx.conf file:
server {
listen 192.168.1.2:80;
server_name 192.168.1.2;
location / {
proxy_pass http://192.168.1.2:5601;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}
Upvotes: 0
Views: 1143
Answers (1)
Reputation: 884
NGINX only listens on port 80 and does not prevent access to your application on port 5601. You should instead use a firewall to block access to the port itself. You could:
- Place your server behind a firewall such as a router (blocks out all external network requests)
- Install a firewall, like UFW, on the server itself.
Upvotes: 2
Related Questions
- Nginx - Password Protect Not Working
- securing website in ngnix using BASIC auth
- Nginx: password protect folder except index page
- Nginx authentication except those on local network
- Nginx - Password Protect PHP Script
- Nginx password protect
- Nginx Password Protect 403 Forbidden
- How can I set up an automatic authentication layer in nginx?
- Password protecting a single file with nginx
- Nginx - Password Protect Directory