Question is simple. Why I have this error which you can see on pastebin? And is there any way to solve this issue? Any clue would be very appreciated.
One example line:
[Tue Sep 08 14:36:17.726951 2020] [:error] [pid 1103:tid 139897478309632] [client 176.105.137.72:26143] client denied by server configuration: proxy:http://127.0.0.1:3000/api/datasources/proxy/3/query
In grafana I set InfluxDB as below
In /etc/telegraf/telegraf.conf
[[outputs.influxdb]]
urls = [“https://127.0.0.1:8086”]
HTTP Basic Auth is set (password and login are given)
insecure_skip_verify = true
In /etc/influxdb/influxdb.conf
[http]
enabled = true
bind-address = “:8086”
auth-enabled = true
https-enabled = true
https-certificate = “/etc/ssl/influxdb/server-cert.pem”
https-private-key = “/etc/ssl/influxdb/server-key.pem”
In /etc/grafana/grafana.ini
[server]
root_url = https://grafana.sysadmin.info.pl
[security]
disable_initial_admin_creation = true
admin_user = admin
disable_brute_force_login_protection = false
cookie_secure = true
cookie_samesite = lax
strict_transport_security = true
strict_transport_security_max_age_seconds = 86400
strict_transport_security_preload = true
strict_transport_security_subdomains = true
x_content_type_options = true
x_xss_protection = true
[users]
allow_sign_up = false
[auth.anonymous]
enabled = false
In /etc/httpd/conf.d/grafana.sysadmin.info.pl.conf
<VirtualHost *:80>
ServerName grafana.sysadmin.info.pl
ServerAlias www.grafana.sysadmin.info.pl
ServerAdmin admin@sysadmin.info.pl
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName grafana.sysadmin.info.pl
ServerAlias www.grafana.sysadmin.info.pl
ServerAdmin admin@sysadmin.info.pl
# Use HTTP Strict Transport Security to force client to use secure connections only.
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# Referer logging is used to allow websites and web servers to identify where people are visiting them from, for promotional or statistical purposes.
Header always set Referrer-Policy "no-referrer"
Header set Access-Control-Allow-Origin "https://grafana.sysadmin.info.pl"
Header set Access-Control-Allow-Credentials true
Header Set Access-Control-Allow-Methods "GET, OPTIONS, POST"
Header Set Access-Control-Allow-Headers "origin, authorization, accept"
SecRuleEngine Off
SSLCertificateFile /etc/letsencrypt/live/grafana.sysadmin.info.pl/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/grafana.sysadmin.info.pl/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/grafana.sysadmin.info.pl/chain.pem
SSLEngine on
SSLProtocol all -TLSv1 -TLSv1.1 -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ProxyPreserveHost Off
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
<Directory "/">
Require all granted
</Directory>
<Directory "/public/app/plugins/">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html/grafana.sysadmin.info.pl/public_html/">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Location />
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Location>
</VirtualHost>