I am running the Dockerized version of Graylog (5.2 and 5.2.6) through an Nginx reverse proxy and when I access the /api/ page it does not redirect me to login when I am logged out as a user. I am not sure if this is a Graylog bug or simply due to Nginx but considering all other pages will properly redirect, I have strong reason to believe the issue is with Graylog.
HTTPS is set and enforced.
Edit:
The page is showing metadata instead of doing a redirect.
I am running the Dockerized version of Graylog (5.2 and 5.2.6) through an Nginx reverse proxy and when I access the /api/ page it does not redirect me to login when I am logged out as a user. I am not sure if this is a Graylog bug or simply due to Nginx but considering all other pages will properly redirect, I have strong reason to believe the issue is with Graylog.
HTTPS is set and enforced.
Edit: The page is showing metadata instead of doing a redirect.
Here is a thread I had opened previously regarding this issue on the Graylog forums, configuration settings, etc. can be found there: https://community.graylog.org/t/lockdown-or-disable-reaching-api-subdirectory/31478