Customers who sign-up prior to 30/06/2024 get unlimited access to free features, newer features (with some restrictions), but for free for at least 1 year.Sign up now!

Some tips for securing public facing internal applications

People who have vast experience in I.T know that security is of utmost importance and needs to be implemented in layers. I had a need to secure my Kibana implementation and I want to thwart hackers. I had two options:

  1. Use VPN
  2. Secure the website

Now, the problem very few VPN’s like Cisco AnyConnect support biometric authentication, ElasticSearch/Kibana’s security options are very less in the self-hosted version.

Thanks to Apache web server for the resuce. Apache web server has this plugin known as mod_auth_oidc, this plugin can be used at the web server level i.e the web server takes care of authorizing users. Kibana is hosted at

I think this is a very great feature and everyone must use wherever possible for public-facing web applications that would be consumed by OAUTH2 or OpenID.

Moreover this plugin can easily enable SSO (SingleSignOn) features and all of this with just some basic configuration.

Thank you Apache Foundation and ZmartZone.

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A






Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc




Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp),,,,, and 3 more rarely used email addresses – hardly once or twice a year.