Protecting Kibana with Apache (Basic Authentication) Permalink to "Protecting Kibana with Apache (Basic Authentication)"

Tip submitted by @raiden0610

mod_proxy activation Permalink to "mod_proxy activation"

a2enmod proxy
a2enmod proxy_http
a2enmod headers

service apache2 restart

Vitualhost configuration Permalink to "Vitualhost configuration"

Find where your virtualhost 443 or 80 config is, depending on your distros.

For example in Ubuntu 16.04: the config is on the file 000-default-le-ssl.conf in /etc/apache2/sites-availables directory.

If you don’t want SSL, here is the file 000-default.conf

Edit the file and in the virtualhost 443 or 80 section paste this :

# Proxying kibana listenning on the port 5601 
ProxyPreserveHost On
ProxyRequests On
ProxyPass / http://localhost:5601/
ProxyPassReverse / http://localhost:5601/

# Protecting with basic authentication
<Location />
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user

Reload apache config :

service apache2 reload

Generation of username / password Permalink to "Generation of username / password"

htpasswd /etc/apache2/.htpasswd your_user

Activating SSL Permalink to "Activating SSL"

Follow the tutorial (you can select the ditros) : Let’s encrypt - Certbot

Certbot will take care of the SSL configuration in Apache automatically for you

Warning: Don't forget to close the port 5601 in your firewall ! because if you don't kibana will still be accessible without basic authentication on the port 5601

And voila you can now access kibana in a secure way at or