Hello All.
our security team send us a report about apache update and some of Cross-site Scripting (XSS) for modify to avoid any attack and secure cacti tool.
so please any advise or article to safe and avoid any attack for cacti refarding apache and Cross-site Scripting (XSS) ?
Thanks
Cacti for safe and security
Moderators: Developers, Moderators
Re: Cacti for safe and security
What version of Cacti?
-
TheWitness
- Developer
- Posts: 17007
- Joined: Tue May 14, 2002 5:08 pm
- Location: MI, USA
- Contact:
Re: Cacti for safe and security
Cacti has started using header directives to prevent XSS attacks using Apache. Best to goto release 1.2.11 once released as it includes the changes. You can get most of them from 1.2.10 as well, but if you are a big site, you will have to pull some fixes from the yet to be released 1.2.11 anyway.
True understanding begins only when we realize how little we truly understand...
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Re: Cacti for safe and security
Cacti Version 1.2.0
Re: Cacti for safe and security
so must upgrade ?
and upgrade process is there any impact or risk ?
and upgrade process is there any impact or risk ?
-
bmfmancini
- Cacti User
- Posts: 250
- Joined: Wed Mar 13, 2019 3:37 pm
- Location: toronto
- Contact:
Re: Cacti for safe and security
the biggest thing to remeber is to backup your database and make a copy of you cacti directory
Telecom Lifer, Monitoring and performance enthusiast, Father, Husband
Cacti Bug Hunter and Member
www.seanmancini.com
sean(at)seanmancini.com
github.com/bmfmancini
My Cacti scripts and templates ( Non official)
Cacti install wizard https://github.com/bmfmancini/cacti-install-wizard
Cacti templates https://github.com/bmfmancini/Cacti-templates
Always willing to help!
Cacti Bug Hunter and Member
www.seanmancini.com
sean(at)seanmancini.com
github.com/bmfmancini
My Cacti scripts and templates ( Non official)
Cacti install wizard https://github.com/bmfmancini/cacti-install-wizard
Cacti templates https://github.com/bmfmancini/Cacti-templates
Always willing to help!
Who is online
Users browsing this forum: No registered users and 7 guests