Protecting config files

Support questions about the Network Weather Map plugin

Moderators: Developers, Moderators

Post Reply
jnewb
Posts: 10
Joined: Mon Oct 31, 2016 6:54 pm

Protecting config files

Post by jnewb »

Hello, I'm a newbie to Cacti and Linux. I have created some config files. The files are all located in /usr/share/cacti/plugins/weathermap/configs. I have found that I am able to access those config files directly via a web browser (e.g. http://<IP address of cacti server>/cacti/plugins/weathermap/configs/test.conf). Is there a way to make those config files inaccessible via web browser or somehow password protect them?
User avatar
Howie
Cacti Guru User
Posts: 5508
Joined: Thu Sep 16, 2004 5:53 am
Location: United Kingdom
Contact:

Re: Protecting config files

Post by Howie »

What webserver do you use? There's already a .htaccess file for Apache in the configs folder that would normally stop web access.

If you use Apache, you might need to add "AllowOverride" to your Apache config so that it takes notice of the .htaccess file. Here's a link for how that works on Ubuntu /Debian: https://ubuntuforums.org/showthread.php?t=1506129

(On other Linux, it will be different: sites-available is a specific Debian/Ubuntu thing)
Weathermap 0.98a is out! & QuickTree 1.0. Superlinks is over there now (and built-in to Cacti 1.x).
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
jnewb
Posts: 10
Joined: Mon Oct 31, 2016 6:54 pm

Re: Protecting config files

Post by jnewb »

I'm using Apache v2.4.6. I found some info on the web about password protecting folders using the .htaccess and .htpasswd files. But those didn't work for me. After looking at the link in the last response, I changed httpd.conf.

Currently, I have the following set in /etc/httpd/conf/httpd.conf.

<Directory "/var/www">
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>

FYI - after each change to httpd.conf, I restarted Apache using the command "apachectl restart".

I can still access the config file via web browser.
User avatar
Howie
Cacti Guru User
Posts: 5508
Joined: Thu Sep 16, 2004 5:53 am
Location: United Kingdom
Contact:

Re: Protecting config files

Post by Howie »

This isn't really a weathermap issue...

OK, so what directory is Weathermap in? (Is it below /var/www somewhere, or in /usr/share or similar where Ubuntu sometimes puts things)

And do you still have the original (from the zip) .htaccess in the configs/ folder?
Weathermap 0.98a is out! & QuickTree 1.0. Superlinks is over there now (and built-in to Cacti 1.x).
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
jnewb
Posts: 10
Joined: Mon Oct 31, 2016 6:54 pm

Re: Protecting config files

Post by jnewb »

FYI - I'm running Centos 7.

Weathermap is in /usr/share/cacti/plugins/weathermap.

Yes, I have the original .htaccess in the configs folder.
User avatar
Howie
Cacti Guru User
Posts: 5508
Joined: Thu Sep 16, 2004 5:53 am
Location: United Kingdom
Contact:

Re: Protecting config files

Post by Howie »

OK, so adding 'AllowOverride all' to /var/www is not going to affect /usr/share :-)

Have a look through /etc/httpd/conf/httpd.conf and /etc/httpd/conf.d/*.conf for another <Directory> mentioning /usr/share

If there isn't one, you probably want to create a new file /etc/httpd/conf.d/weathermap.conf containing:

Code: Select all

<Directory "/usr/share/cacti/plugins/weathermap">
AllowOverride All
</Directory>
or something similar. Then restart Apache.

I expect that you might already have something like /etc/httpd/conf.d/cacti.conf
Weathermap 0.98a is out! & QuickTree 1.0. Superlinks is over there now (and built-in to Cacti 1.x).
Some Other Cacti tweaks, including strip-graphs, icons and snmp/netflow stuff.
(Let me know if you have UK DevOps or Network Ops opportunities, too!)
jnewb
Posts: 10
Joined: Mon Oct 31, 2016 6:54 pm

Re: Protecting config files

Post by jnewb »

I created a weathermap.conf file. That worked! I get a prompt for password to access config files now. Thank you Howie!! You're awesome!
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest