From bd7b9ad8ec724310ad280fc4fd580d5e08ea7d67 Mon Sep 17 00:00:00 2001 From: GGP1 Date: Thu, 24 Oct 2024 14:54:43 -0300 Subject: [PATCH] Update API host default value --- .../reference-wazuh-puppet/wazuh-manager-class.rst | 4 ++-- source/development/rbac-database-integrity.rst | 4 ++-- source/user-manual/api/configuration.rst | 12 ++++++------ source/user-manual/api/securing-api.rst | 6 +++--- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/source/deployment-options/deploying-with-puppet/wazuh-puppet-module/reference-wazuh-puppet/wazuh-manager-class.rst b/source/deployment-options/deploying-with-puppet/wazuh-puppet-module/reference-wazuh-puppet/wazuh-manager-class.rst index fd8e7f33c6..3f6a56f6aa 100644 --- a/source/deployment-options/deploying-with-puppet/wazuh-puppet-module/reference-wazuh-puppet/wazuh-manager-class.rst +++ b/source/deployment-options/deploying-with-puppet/wazuh-puppet-module/reference-wazuh-puppet/wazuh-manager-class.rst @@ -732,9 +732,9 @@ Wazuh API variables $wazuh_api_host IP address or hostname of the Wazuh manager where the Wazuh API is running. - `Default 0.0.0.0` + `Default ['0.0.0.0', '::']` - `Type String` + `Type List` $wazuh_api_port Port where the Wazuh API will listen. diff --git a/source/development/rbac-database-integrity.rst b/source/development/rbac-database-integrity.rst index ea4c5738e6..d91dfe5d4f 100644 --- a/source/development/rbac-database-integrity.rst +++ b/source/development/rbac-database-integrity.rst @@ -58,7 +58,7 @@ After upgrading from a Wazuh version with RBAC database version 0 to 1, ``WAZUH_ 2022/06/17 09:44:04 INFO: RBAC database migration required. Current version is 0 but it should be 1. Upgrading RBAC database to version 1 2022/06/17 09:44:09 INFO: /var/ossec/api/configuration/security/rbac.db database upgraded successfully 2022/06/17 09:44:09 INFO: RBAC database integrity check finished successfully - 2022/06/17 09:44:12 INFO: Listening on 0.0.0.0:55000.. + 2022/06/17 09:44:12 INFO: Listening on ['0.0.0.0', '::']:55000.. After upgrading from a Wazuh version with RBAC database version 0 to 1, with the old DB having a user that is a default user in the new version: @@ -72,7 +72,7 @@ After upgrading from a Wazuh version with RBAC database version 0 to 1, with the 2022/06/17 10:00:25 WARNING: User 100 (example) is part of the new default users. Renaming it to 'example_user' 2022/06/17 10:00:26 INFO: /var/ossec/api/configuration/security/rbac.db database upgraded successfully 2022/06/17 10:00:26 INFO: RBAC database integrity check finished successfully - 2022/06/17 10:00:29 INFO: Listening on 0.0.0.0:55000.. + 2022/06/17 10:00:29 INFO: Listening on ['0.0.0.0', '::']:55000.. ``GET /security/users`` response: diff --git a/source/user-manual/api/configuration.rst b/source/user-manual/api/configuration.rst index e3292176be..706174a054 100644 --- a/source/user-manual/api/configuration.rst +++ b/source/user-manual/api/configuration.rst @@ -21,7 +21,7 @@ Here are all the available settings for the ``/var/ossec/api/configuration/api.y .. code-block:: yaml - host: 0.0.0.0 + host: ["0.0.0.0", "::"] port: 55000 drop_privileges: yes @@ -96,11 +96,11 @@ API configuration options host ^^^^ -+----------------------------------+---------------+--------------------------------------------------------------------------------------+ -| Allowed values | Default value | Description | -+==================================+===============+======================================================================================+ -| Any valid IP address or hostname | 0.0.0.0 | IP address or hostname of the Wazuh manager where the Wazuh server API is running. | -+----------------------------------+---------------+--------------------------------------------------------------------------------------+ ++-------------------------------------------+---------------------+------------------------------------------------------------------------------------------+ +| Allowed values | Default value | Description | ++===========================================+===============+================================================================================================+ +| A list of valid IP addresses or hostnames | ['0.0.0.0', '::'] | IP addresses or hostnames of the Wazuh manager where the Wazuh server API is running. | ++-------------------------------------------+---------------------+------------------------------------------------------------------------------------------+ port ^^^^ diff --git a/source/user-manual/api/securing-api.rst b/source/user-manual/api/securing-api.rst index 26eafdfc76..ad025623e4 100644 --- a/source/user-manual/api/securing-api.rst +++ b/source/user-manual/api/securing-api.rst @@ -86,11 +86,11 @@ You can change the default password for the administrative users ``wazuh`` and 3. Change the default host and port ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -By default, the ``host`` is set to ``0.0.0.0``, allowing the Wazuh server API to accept incoming connections on all available network interfaces. To restrict access, edit the Wazuh server API configuration in ``/var/ossec/api/configuration/api.yaml``: +By default, the ``host`` is set to ``['0.0.0.0', '::']``, allowing the Wazuh server API to accept incoming connections on all available network interfaces. To restrict access, edit the Wazuh server API configuration in ``/var/ossec/api/configuration/api.yaml``: .. code-block:: yaml - host: 0.0.0.0 + host: ['0.0.0.0', '::'] You can also change the default port: @@ -120,4 +120,4 @@ To protect against brute force attacks, you can limit login attempts from the sa By default, you're allowed 50 login attempts per 300-second period. To adjust these limits, edit the ``max_login_attempts`` and/or ``block_time`` settings in ``/var/ossec/api/configuration/api.yaml``. -You can find a complete Wazuh server API configuration guide :doc:`here `. \ No newline at end of file +You can find a complete Wazuh server API configuration guide :doc:`here `.