Wazuh API does not work when behind a reverse proxy (health-check)

582 views
Skip to first unread message

Josmell Chavarri

unread,
Sep 20, 2018, 10:53:15 AM9/20/18
to Wazuh mailing list
Dear

I have deployed wazuh / wazuh: 3.6.1_6.4.0 in a docker installation, behind a reverse proxy (nginx)

When I access the wazuh API it does health-check, https://xxxxxxxx.xx/reverse-proxy/app/wazuh#/health-check?_g=()  ending OK,  and does a redirect to  https://xxxxxxxx.xx/app/wazuh#/overview/  

I get 404 answer, because it's not going through the reverse proxy.


Then I access the wazuh API again  https://xxxxxxxx.xx/reverse-proxy/app/wazuh#/overview/?_g=()   and it works correctly by going through the reverse proxy.

The problem occurs only when you do the health check.

The rest of the wazuh functionalities work well.


I have en /var/ossec/api/configuration/config.js:  

// Basic configuration 
// Path 
config.ossec_path = "/var/ossec"; 
// The host to bind the API to. 
config.host = "0.0.0.0"; 
// TCP Port used by the API. 
config.port = "55000"; 
// Use HTTP protocol over TLS/SSL. Values: yes, no. 
config.https = "yes"; 
// Use HTTP authentication. Values: yes, no. 
config.basic_auth = "yes"; 
//In case the API run behind a proxy server, turn to "yes" this feature. Values: yes, no. 
config.BehindProxyServer = "yes";

I hope you can help me

regards

jesus.g...@wazuh.com

unread,
Sep 20, 2018, 12:28:57 PM9/20/18
to Wazuh mailing list
Hi Josmell,

Sorry you are having troubles. We have a guide that could help here: https://documentation.wazuh.com/current/installation-guide/optional-configurations/kibana_ssl.html,
ignore that link if not the case.

I also want to reproduce your environment using Docker, as soon as possible I'll give you a conclusion from my lab. Is there something special that I need to know before compose my environment?
If so, please give me that information in order to reproduce your environment in the best way. 

Are you using custom Dockerfiles or using some from https://github.com/wazuh/wazuh-docker?

In the mean time, you could try to disable our checks, edit the file under /usr/share/kibana/plugins/wazuh/config.yml:

Before:

#checks.pattern : true
#checks.template: true
#checks.api     : true
#checks.setup   : true

After:

checks.pattern : 0
checks.template: 0
checks.api     : 0
checks.setup   : 0

Restart Kibana:

systemctl restart kibana

That's not the solution but while the team tries to reproduce your use case, it may helps.

Best regards,
Jesús

jesus.g...@wazuh.com

unread,
Sep 25, 2018, 5:51:20 AM9/25/18
to Wazuh mailing list
Hello again Josmell,

As I said, the team has tried to reproduce your environment. We've used latest wazuh-docker branch but there are no errors in our containers, 
the healthcheck works as expected and we have no problem with NGINX. 

At this point, my question is about your Dockerfiles and your configuration files. Are you using custom containers, custom configurations?

Regards,
Jesús
Reply all
Reply to author
Forward
0 new messages