https://github.com/osquery/osquery logo
Title
d

darren

10/06/2020, 10:21 AM
does anyone know of a way to have the kolide fleet management UI accessible over a different port? We want our nodes to be able to access the server over 443 on public WAN but only have the web UI accessible internally over a different port to 443
s

sundsta

10/06/2020, 2:27 PM
You will want to put it behind a reverse proxy that can filter certain routes, such as nginx
d

Dan Achin

10/08/2020, 8:52 PM
This is what we are doing as well - using nginx to limit the UI path to specific source networks. Our laptop clients will only be able to hit the APIs related to registration and data streaming. Here is a good article about it https://defensivedepth.com/2020/04/02/kolide-fleet-breaking-out-the-osquery-api-web-ui