Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
NGINX Reverse Proxy Authentication For Elasticsearch
# Run me with:
#
# $ nginx -p /path/to/this/file/ -c nginx.conf
#
# All requests are then routed to authenticated user's index, so
#
# GET http://user:password@localhost/_search?q=*
#
# is rewritten to:
#
# GET http://localhost:9200/_search?q=*
worker_processes 1;
pid nginx.pid;
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name search.example.com;
error_log elasticsearch-errors.log;
access_log elasticsearch.log;
location / {
# Deny access to Cluster API
if ($request_filename ~ "_cluster") {
return 403;
break;
}
# Pass requests to ElasticSearch
proxy_pass http://localhost:9200;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
# Authorize access
auth_basic "ElasticSearch";
auth_basic_user_file passwords;
# Route all requests to the root index
rewrite ^(.*)$ $1 break;
rewrite_log on;
return 403;
}
}
}
@pankajpanwar1

This comment has been minimized.

Copy link

pankajpanwar1 commented Dec 7, 2018

Hi , does auth_basic "ElasticSearch" means cluster_name of our elastic cluster

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.