From 091a5428743a74c4a5b27d2d15703c087f09e352 Mon Sep 17 00:00:00 2001
From: Ken Dreyer <ktdreyer@ktdreyer.com>
Date: Sun, 14 Jul 2013 14:54:34 -0600
Subject: [PATCH] improve security description in cacti's httpd conf (RHBZ
 #895823)

---
 cacti-httpd.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cacti-httpd.conf b/cacti-httpd.conf
index 4ef5d2c..c687845 100644
--- a/cacti-httpd.conf
+++ b/cacti-httpd.conf
@@ -2,7 +2,9 @@
 # Cacti: An rrd based graphing tool
 #
 
-# Change the following ACLs to open up Cacti to other network devices.
+# For security reasons, the Cacti web interface is accessible only to
+# localhost in the default configuration. If you want to allow other clients
+# to access your Cacti installation, change the httpd ACLs below.
 # For example:
 # On httpd 2.4, change "Require host localhost" to "Require all granted".
 # On httpd 2.2, change "Allow from localhost" to "Allow from all".