Apache Site:
<IfModule mod_ssl.c>
<VirtualHost _default_:8443>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/ssls-com-wildcard-2015.crt
SSLCertificateKeyFile /etc/ssl/ssls-com-wildcard-2015.key
ProxyRequests Off
<Location />
ProxyPass http://127.0.0.1:9200/
ProxyPassReverse http://127.0.0.1:9200/
AuthType Basic
AuthName "KOPF Web Site: Login with hf-it-ops email address"
AuthUserFile "/etc/nginx/htpasswd.users"
Require valid-user
RewriteEngine on
RewriteRule ^/.+/(.*) http://127.0.0.1:9200/$1 [P]
</Location>
</VirtualHost>
</IfModule>
Setup iptables:
iptables -A INPUT -p tcp --dport 9200 -s 10.0.0.0/8 -j ACCEPT
iptables -A INPUT -p tcp --dport 9200 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 9200 -j REJECT
Save iptables:
sudo apt-get install iptables-persistent
sudo iptables-save
sudo service iptables-persistent start
sudo update-rc.d iptables-persistent enable
Post a Comment