Elasticsearch and Kibana vhost that doesn't let me view logs from a computer without access to the elasticsearch server's port 9200

gistfile1.apacheconf

<VirtualHost *:80>
	ServerAdmin admin@email.tld
	ServerName elasticsearch.domain.tld
	ServerAlias kibana.domain.tld
	DocumentRoot /var/www/log-elasticsearch/docroot
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/log-elasticsearch/docroot>
		Options -Indexes FollowSymLinks -MultiViews
		AllowOverride all
		Order allow,deny
		allow from all
	</Directory>
	ErrorLog ${APACHE_LOG_DIR}/elasticsearch.domain.tld.error.log
	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn
	CustomLog ${APACHE_LOG_DIR}/elasticsearch.domain.tld.log combined
	# To redirect all Traffic to SSL uncomment the following lines. 
	RewriteEngine On
	RewriteCond %{HTTPS} off
	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
#If you have SSL enabled for this host, uncomment the following vhost declaration 
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin admin@email.tld
    ServerName elasticsearch.domain.tld
    ServerAlias kibana.domain.tld
    DocumentRoot /var/www/log-elasticsearch/docroot
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
    <Directory /var/www/log-elasticsearch/docroot>
        Options -Indexes FollowSymLinks -MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>
 
    #   SSL Info
    SSLEngine on
    SSLCertificateFile    /etc/apache2/ssl/CERT
    SSLCertificateKeyFile /etc/apache2/ssl/KEY
    SSLCACertificateFile /etc/apache2/ssl/CA
 
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
    </Directory>
    BrowserMatch "MSIE [2-6]" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [7-9]" ssl-unclean-shutdown
 
    ErrorLog ${APACHE_LOG_DIR}/ssl-elasticsearch.domain.tld.error.log
 
	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn
 
	CustomLog ${APACHE_LOG_DIR}/ssl-elasticsearch.domain.tld.log combined

ProxyRequests Off

SSLProxyEngine On

  # Set global proxy timeouts
<Proxy http://elasticsearch.domain.tld:9200>
#  <Proxy http://127.0.0.1:9200>
    ProxySet connectiontimeout=5 timeout=90
  </Proxy>

  # Proxy for _aliases and .*/_search
  <LocationMatch "^(/_aliases|.*/_search)$">
    ProxyPassMatch http://127.0.0.1:9200
    ProxyPassReverse http://127.0.0.1:9200
  </LocationMatch>

  # Proxy for kibana-int/{dashboard,temp} stuff (if you don't want auth on /, then you will want these to be protected)
  <LocationMatch "^(/kibana-int/dashboard/|/kibana-int/temp).*$">
    ProxyPassMatch http://127.0.0.1:9200
    ProxyPassReverse http://127.0.0.1:9200
  </LocationMatch>

  <Location />
    #Allow from 5.6.7.8
    #Deny from all
    #Satisfy any
    AuthLDAPBindDN "BINDUSER"
    AuthLDAPBindPassword "PASSWORD"
    AuthLDAPURL LDAPURL
    AuthType Basic
    AuthBasicProvider ldap
    AuthName "Please authenticate for kibana"
    AuthzLDAPAuthoritative on
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid
    Require ldap-user userid

  </Location>

</VirtualHost>
</IfModule>