Protecting config files
Moderators: Developers, Moderators
Protecting config files
Hello, I'm a newbie to Cacti and Linux. I have created some config files. The files are all located in /usr/share/cacti/plugins/weathermap/configs. I have found that I am able to access those config files directly via a web browser (e.g. http://<IP address of cacti server>/cacti/plugins/weathermap/configs/test.conf). Is there a way to make those config files inaccessible via web browser or somehow password protect them?
-
Howie
- Cacti Guru User
- Posts: 5508
- Joined: Thu Sep 16, 2004 5:53 am
- Location: United Kingdom
- Contact:
Re: Protecting config files
What webserver do you use? There's already a .htaccess file for Apache in the configs folder that would normally stop web access.
If you use Apache, you might need to add "AllowOverride" to your Apache config so that it takes notice of the .htaccess file. Here's a link for how that works on Ubuntu /Debian: https://ubuntuforums.org/showthread.php?t=1506129
(On other Linux, it will be different: sites-available is a specific Debian/Ubuntu thing)
If you use Apache, you might need to add "AllowOverride" to your Apache config so that it takes notice of the .htaccess file. Here's a link for how that works on Ubuntu /Debian: https://ubuntuforums.org/showthread.php?t=1506129
(On other Linux, it will be different: sites-available is a specific Debian/Ubuntu thing)
Weathermap 0.98a is out! & QuickTree 1.0. Superlinks is over there now (and built-in to Cacti 1.x).
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
Re: Protecting config files
I'm using Apache v2.4.6. I found some info on the web about password protecting folders using the .htaccess and .htpasswd files. But those didn't work for me. After looking at the link in the last response, I changed httpd.conf.
Currently, I have the following set in /etc/httpd/conf/httpd.conf.
<Directory "/var/www">
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
FYI - after each change to httpd.conf, I restarted Apache using the command "apachectl restart".
I can still access the config file via web browser.
Currently, I have the following set in /etc/httpd/conf/httpd.conf.
<Directory "/var/www">
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
FYI - after each change to httpd.conf, I restarted Apache using the command "apachectl restart".
I can still access the config file via web browser.
-
Howie
- Cacti Guru User
- Posts: 5508
- Joined: Thu Sep 16, 2004 5:53 am
- Location: United Kingdom
- Contact:
Re: Protecting config files
This isn't really a weathermap issue...
OK, so what directory is Weathermap in? (Is it below /var/www somewhere, or in /usr/share or similar where Ubuntu sometimes puts things)
And do you still have the original (from the zip) .htaccess in the configs/ folder?
OK, so what directory is Weathermap in? (Is it below /var/www somewhere, or in /usr/share or similar where Ubuntu sometimes puts things)
And do you still have the original (from the zip) .htaccess in the configs/ folder?
Weathermap 0.98a is out! & QuickTree 1.0. Superlinks is over there now (and built-in to Cacti 1.x).
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
Re: Protecting config files
FYI - I'm running Centos 7.
Weathermap is in /usr/share/cacti/plugins/weathermap.
Yes, I have the original .htaccess in the configs folder.
Weathermap is in /usr/share/cacti/plugins/weathermap.
Yes, I have the original .htaccess in the configs folder.
-
Howie
- Cacti Guru User
- Posts: 5508
- Joined: Thu Sep 16, 2004 5:53 am
- Location: United Kingdom
- Contact:
Re: Protecting config files
OK, so adding 'AllowOverride all' to /var/www is not going to affect /usr/share 
Have a look through /etc/httpd/conf/httpd.conf and /etc/httpd/conf.d/*.conf for another <Directory> mentioning /usr/share
If there isn't one, you probably want to create a new file /etc/httpd/conf.d/weathermap.conf containing:
or something similar. Then restart Apache.
I expect that you might already have something like /etc/httpd/conf.d/cacti.conf
Have a look through /etc/httpd/conf/httpd.conf and /etc/httpd/conf.d/*.conf for another <Directory> mentioning /usr/share
If there isn't one, you probably want to create a new file /etc/httpd/conf.d/weathermap.conf containing:
Code: Select all
<Directory "/usr/share/cacti/plugins/weathermap">
AllowOverride All
</Directory>
I expect that you might already have something like /etc/httpd/conf.d/cacti.conf
Weathermap 0.98a is out! & QuickTree 1.0. Superlinks is over there now (and built-in to Cacti 1.x).
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
Re: Protecting config files
I created a weathermap.conf file. That worked! I get a prompt for password to access config files now. Thank you Howie!! You're awesome!
Who is online
Users browsing this forum: No registered users and 2 guests