I've started a new gig, and am setting up Chef. I've gotten the server up, with Let's Encrypt providing x.509 certificates. (Woo!)
When testing out the certificate, I noticed that the Chef Server has an index page identifying its purpose. For my configuration, my Chef server will be available to the WAN. While yes I'm sure someone could identify it as a Chef server with enough poking, I'd prefer to not have a giant page announcing what the purpose of the node is:
Are You Looking For the Chef Server?
Hello! It looks like you were trying to browse to your Chef Server but you haven't installed the Management Console.
If you prefer, you can access the server programmatically with the Chef Server API. To learn how to do this, head over to our API Documentation pages.
If you do want to use your browser to manage your server, then install the Management Console. It's free for up to 25 nodes.
One way to install the Management Console is to log in as root and type this command:
chef-server-ctl install chef-manage
Alternatively, you can download the Management Console as an installable package from the Management Console downloads page.
You may also be interested in our other add-ons. These are available as packages from our Chef Server downloads page or you can type chef-server-ctl install. Without arguments, the command lists the packages available for installation.
I spoke to Noah on a Slack group, and he had some helpful suggestions. One would be to try and modify the embedded Nginx config to use the LUA router that's used for API requests. This would cause browsers to get a 401 error. The other option is to truncate the
The downsides to both of these options is that a
chef-server-ctl reconfigure will blow it away. Is there merit in opening a GitHub issue against the Chef server to ask for a configuration option to disable the index page? Does anyone have any other suggestions around disabling this page?