Bind Kibana server to localhost

This is a breaking change. The default behaviour will now be that connections from remote users will be rejected.
elastic · Aug 25, 2016 · 549293d · 549293d · curry684 · Oct 14, 2016
1 parent bfb81ef
commit 549293d
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 6 deletions.
diff --git a/config/kibana.yml b/config/kibana.yml
@@ -1,8 +1,10 @@
 # Kibana is served by a back end server. This setting specifies the port to use.
 # server.port: 5601
 
-# This setting specifies the IP address of the back end server.
-# server.host: "0.0.0.0"
+# Specifies the public host name to which the Kibana server will bind.
+# The default is 'localhost', which usually means remote machines will not be able to connect.
+# To allow connections from remote users, set this parameter to IP or the DNS-name of the machine that is running Kibana.
+# server.host: "localhost"
 
 # Enables you to specify a path to mount Kibana at if you are running behind a proxy. This setting
 # cannot end in a slash.

diff --git a/docs/kibana-yml.asciidoc b/docs/kibana-yml.asciidoc
@@ -1,7 +1,7 @@
 .Kibana Configuration Settings
 [horizontal]
 `server.port:`:: *Default: 5601* Kibana is served by a back end server. This setting specifies the port to use.
-`server.host:`:: *Default: "0.0.0.0"* This setting specifies the IP address of the back end server.
+`server.host:`:: *Default: "localhost"* This setting specifies the host of the back end server.
 `server.basePath:`:: Enables you to specify a path to mount Kibana at if you are running behind a proxy. This setting
 cannot end in a slash (`/`).
 `server.maxPayloadBytes:`:: *Default: 1048576* The maximum payload size in bytes for incoming server requests.

diff --git a/docs/settings.asciidoc b/docs/settings.asciidoc
@@ -295,7 +295,7 @@ deprecated[4.2, The names of several Kibana server properties changed in the 4.2
 +
 *alias*: `host` deprecated[4.2]
 +
-*default*: `"0.0.0.0"`
+*default*: `"localhost"`
 
 `elasticsearch.url` added[4.2]:: The Elasticsearch instance where the indices you want to query reside.
 +

diff --git a/src/server/config/__tests__/config.js b/src/server/config/__tests__/config.js
@@ -54,7 +54,7 @@ describe('lib/config/config', function () {
       it('should allow keys in the schema', function () {
         let config = new Config(schema);
         let run = function () {
-          config.set('test.client.host', 'http://0.0.0.0');
+          config.set('test.client.host', 'http://localhost');
         };
         expect(run).to.not.throwException();
       });

diff --git a/src/server/config/schema.js b/src/server/config/schema.js
@@ -34,7 +34,7 @@ module.exports = () => Joi.object({
 
   server: Joi.object({
     name: Joi.string().default(os.hostname()),
-    host: Joi.string().hostname().default('0.0.0.0'),
+    host: Joi.string().hostname().default('localhost'),
     port: Joi.number().default(5601),
     maxPayloadBytes: Joi.number().default(1048576),
     autoListen: Joi.boolean().default(true),