0132c8f8b0
Unfortunately, when Apache includes conf.d/*, the "c" in cacti.conf comes before "m" in mod_security.conf. This means we can't use the IfModule directive here to detect the installation of mod_security. Remove the IfModule section, and just provide instructions to users. Users will have to manually un-comment the two mod_security overrides. (Better than nothing.)
37 lines
903 B
Plaintext
37 lines
903 B
Plaintext
#
|
|
# Cacti: An rrd based graphing tool
|
|
#
|
|
|
|
# Change "Allow from 127.0.0.1" to open up cacti to other network devices.
|
|
# For example, change "Allow from 127.0.0.1" to "Allow from all".
|
|
|
|
Alias /cacti /usr/share/cacti
|
|
|
|
<Directory /usr/share/cacti/>
|
|
Order Deny,Allow
|
|
Deny from all
|
|
Allow from 127.0.0.1
|
|
</Directory>
|
|
|
|
<Directory /usr/share/cacti/install>
|
|
# mod_security overrides.
|
|
# Uncomment these if you use mod_security.
|
|
# allow POST of application/x-www-form-urlencoded during install
|
|
#SecRuleRemoveById 960010
|
|
# permit the specification of the rrdtool paths during install
|
|
#SecRuleRemoveById 900011
|
|
</Directory>
|
|
|
|
|
|
# The sections marked "deny from all" should not be modified.
|
|
# These are in place in order to harden cacti.
|
|
<Directory /usr/share/cacti/log>
|
|
order deny,allow
|
|
Deny from all
|
|
</Directory>
|
|
<Directory /usr/share/cacti/rra>
|
|
order deny,allow
|
|
Deny from all
|
|
</Directory>
|
|
|