How to set the Kibana server host and port

Setting a dedicated listen address and TCP port for Kibana controls where the web interface is reachable and reduces accidental exposure of an administrative endpoint.

Kibana reads network binding settings from /etc/kibana/kibana.yml and starts an HTTP server bound to the configured server.host and server.port values. Binding to a specific IP limits which interfaces accept connections, while changing the port can avoid conflicts or match an existing proxy/firewall policy.

Binding to every interface (for example, 0.0.0.0) can make Kibana reachable from unintended networks, including public ones if routing and firewall rules allow it. When Kibana is published behind a reverse proxy or served from a sub-path, additional URL settings may be required so redirects and absolute links remain correct.

1. Open the Kibana configuration file.

   $ sudo nano /etc/kibana/kibana.yml

2. Set the server.host and server.port values.

   server.host: "10.10.10.50"
   server.port: 5601

   Use localhost to restrict access to the local machine, or a specific interface IP to expose Kibana only on a chosen network.

   Setting server.host to 0.0.0.0 binds Kibana to all interfaces, which can expose the login page to unintended networks if firewall or routing permits it.

3. Restart the Kibana service to apply the settings.

   $ sudo systemctl restart kibana

   Related: How to manage the Kibana service with systemctl in Linux

4. Confirm the Kibana process is listening on the configured address and port.

   $ sudo ss --tcp --listening --numeric --processes | grep ':5601'
   LISTEN 0      128    10.10.10.50:5601      0.0.0.0:*    users:(("node",pid=2147,fd=19))

5. Verify Kibana responds on the new address and port.

   $ curl --head http://10.10.10.50:5601
   HTTP/1.1 302 Found
   kbn-name: kibana
   location: /login

   HTTP 302 redirects to /login are typical when Kibana authentication is enabled.