将 Nginx 作为反向代理服务器,并增加登录用户认证的目的,可以有效避免其他人员随意访问kibana页面。
root@kibana:~# vim /etc/kibana/kibana.yml
server.port: 5601
server.host: "127.0.0.1" #修改此行为127.0.0.1
elasticsearch.hosts: ["http://192.168.1.101:9200","http://192.168.1.102:9200","http://192.168.1.103:9200"]
i18n.locale: "zh-CN"
root@kibana:~# systemctl restart kibana.service
root@kibana:~# ss -ntl | grep 5601
LISTEN 0 511 127.0.0.1:5601 0.0.0.0:* root@kibana:~# apt install -y nginx apache2-utils
root@kibana:~# htpasswd -bc /etc/nginx/conf.d/kibana.users admin 123456
Adding password for user admin
root@kibana:~# cat /etc/nginx/conf.d/kibana.users
admin:$apr1$q4MPC2J8$Ad5QopF1M9mSong6QlxI51
root@kibana:~# vim /etc/nginx/nginx.conf
http {
......
include /etc/nginx/conf.d/*.conf;
......
}
root@kibana:~# vim /etc/nginx/conf.d/kibana.conf
upstream kibana {
server 127.0.0.1:5601 max_fails=3 fail_timeout=60;
}
server {
listen 80;
server_name 192.168.1.104;
auth_basic "Kibana Website";
auth_basic_user_file /etc/nginx/conf.d/kibana.users;
location / {
proxy_pass http://kibana;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
root@kibana:~# systemctl restart nginx
# 浏览器访问:http://192.168.1.104/
# 使用前面创建的用户admin和密码123456登录
![图片[1]-通过 Nginx 实现 Kibana 登录安全认证-李佳程的个人主页](http://www.lijiach.com/wp-content/uploads/2023/01/image-116.png)
![图片[2]-通过 Nginx 实现 Kibana 登录安全认证-李佳程的个人主页](http://www.lijiach.com/wp-content/uploads/2023/01/image-117.png)
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
