Couchabse disable HTTP

Hi Guys,

From the below link, we had tried to disable the HTTP post which webui is not loading . But we are able to load the specific URL http://ip:8091/logs . Kindly let know if its expected or if there is a way to terminate the same .

setting-security | Couchbase Docs.

Hi @KK,

I’ve tested this locally, and can confirm that I’m able to disable access to the WebUI using:

couchbase-cli setting-security -c localhost:9000 -u Administrator -p password --set --disable-http-ui 1

The /logs endpoint is not part of the UI it’s part of the REST API which would explain why you’re still able to access it.

In 7.0.2 we added the ability to modify the cluster encryption level using:

couchbase-cli setting-security -c localhost:9000 -u Administrator -p password --set --cluster-encryption-level strict

The documentation for the --cluster-encryption-level flag is as follows:

Specifies the cluster encryption level. The level is used when cluster encryption is turned on. If the level is “all” then both data and control messages between the nodes in the cluster will be sent over encrypted connections. If the level is “control” only control messages will be sent encrypted. If the level is “strict” it is the same as having the level “all” but all non-TLS ports on non-loopback interfaces will be closed. By default when cluster encryption is turned on, the level will be “control”.

Setting this to strict will disable non-TLS access to the UI/REST API (excluding access via localhost). Please note that you will need to temporarily disable autofailover, and enable node-to-node encryption to change this setting.

Thanks,
James

Hi James ,

Thank you for your response .

Warm Regards
KK