[DOCS] Creates separate doc for security in production #103973
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gchaps
added
v7.13.0
v7.14.0
v7.15.0
v8.0.0
release_note:skip
|
Pinging @elastic/kibana-docs (Team:Docs) |
|
@elasticmachine run elasticsearch-ci/docs |
|
@elasticmachine merge upstream |
|
@legrego Can you please write an intro paragraph for this doc? |
This is the highest priority item for securing a production installation of Kibana.
jportner
reviewed
Jul 6, 2021
Comment on lines
32
to
38
| Kibana uses a Content Security Policy to help prevent the browser from allowing | ||
| unsafe scripting, but older browsers will silently ignore this policy. If your | ||
| organization does not need to support Internet Explorer 11 or much older | ||
| versions of our other supported browsers, we recommend that you enable Kibana's | ||
| `strict` mode for content security policy, which will block access to Kibana | ||
| for any browser that does not enforce even a rudimentary set of CSP | ||
| protections. |
There was a problem hiding this comment.
We stopped supporting IE in Kibana 7.9, so this is stale info.
I did check our other supported browsers (Chrome, Firefox, Safari) -- each of them first started supporting Content Security Policy around 2012-2013. So I suppose we should leave this section in here and just remove the bit about IE, yeah?
|
@elasticmachine merge upstream |
gchaps
added a commit
to gchaps/kibana
that referenced
this pull request
Jul 7, 2021
* [DOCS] Creates separate doc for security in production * Use Kibana attribute * Update CSP section * Move SSL section to the top This is the highest priority item for securing a production installation of Kibana. * Add section on using secure HTTP headers * Write intro * [DOCS] Fixes broken link and other minor edits * [DOCS] Changes man to manipulator Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Jul 8, 2021
…-of-max-results * 'master' of github.com:elastic/kibana: (36 commits) Lower Kibana app bundle limits (elastic#104688) [Security Solutions] Fixes bug with the filter query compatibility for transforms (elastic#104559) [RAC] Add mapping update logic to RuleDataClient (elastic#102586) Fix import workpad (elastic#104722) [canvas] Fix Storybook service decorator (elastic#104750) [Detection Rules] Add 7.14 rules (elastic#104772) [Enterprise Search] Fix beta notification in sidebar (elastic#104763) Fix engine routes that are meta engine or non-meta-engine specific (elastic#104757) [Fleet] Fix policy revision number getting bumped for no reason (elastic#104696) persistable state migrations (elastic#103680) [Fleet] Fix add agent in the package policy table (elastic#104749) [DOCS] Creates separate doc for security in production (elastic#103973) [SO Migration] fix reindex race on multi-instance mode (elastic#104516) [Security Solution] Update text in Endpoint Admin pages (elastic#104649) [package testing] Decrease timeout to 2 hours (elastic#104668) Fix background styling of waterfall chart sidebar tooltip. (elastic#103997) [Fleet + Integrations UI] Integrations UI Cleanup (elastic#104641) [Fleet] Link to download page of current stack version on Agent install instructions (elastic#104494) [Workplace Search] Fix Media Type field preview is unformatted bug (elastic#104684) [ML] add marker body (elastic#104672) ... # Conflicts: # x-pack/plugins/fleet/public/search_provider.test.ts
gchaps
added a commit
that referenced
this pull request
Jul 9, 2021
…4769) * [DOCS] Creates separate doc for security in production * Use Kibana attribute * Update CSP section * Move SSL section to the top This is the highest priority item for securing a production installation of Kibana. * Add section on using secure HTTP headers * Write intro * [DOCS] Fixes broken link and other minor edits * [DOCS] Changes man to manipulator Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com> Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR:
Preview:
https://kibana_103973.docs-preview.app.elstc.co/guide/en/kibana/master/Security-production-considerations.html