Firstly, remove the Redirect. You are supposed to be proxying (i.e. the HTTP requests go user --> apache --> prometheus). A redirect tells the browser to connect directly, i.e. it will then attempt to connect user --> prometheus
If prometheus is running on the same server as apache, then the simplest way to prevent direct access is to bind it to localhost, by running prometheus with the appropriate flag: --web.listen-address="127.0.0.1:9090" --web.external-url=http://xxxx.yyyyy.com and changing your proxy config: *<VirtualHost *:80> ProxyPreserveHost On * *ProxyPass / http://127.0.0.1:9090/* *ProxyPassReverse / http://127.0.0.1:9090/* * <Location /> * * AuthType Basic * * AuthName "Restricted Content" * * AuthUserFile /etc/apache2/.htpasswd * * Require valid-user * *</Location> * *</VirtualHost>* If apache and prometheus are on separate hosts, then use iptables on the prometheus host to accept connections on port 9090 from the apache server's IP address, but not from anywhere else. -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/42ed30c8-59ad-4f81-96a0-40960c9f90f0o%40googlegroups.com.
