#

# Cacti: An rrd based graphing tool

#

# For security reasons, the Cacti web interface is accessible only to

# localhost in the default configuration. If you want to allow other clients

# to access your Cacti installation, change the httpd ACLs below.

# For example:

# On httpd 2.4, change "Require host localhost" to "Require all granted".

# On httpd 2.2, change "Allow from localhost" to "Allow from all".

Alias /cacti    /usr/share/cacti

<Directory /usr/share/cacti/>

	<IfModule mod_authz_core.c>

		# httpd 2.4

		Require host localhost

	</IfModule>

	<IfModule !mod_authz_core.c>

		# httpd 2.2

		Order deny,allow

		Deny from all

		Allow from localhost

	</IfModule>

</Directory>

<Directory /usr/share/cacti/install>

	# mod_security overrides.

	# Uncomment these if you use mod_security.

	# allow POST of application/x-www-form-urlencoded during install

	#SecRuleRemoveById 960010

	# permit the specification of the rrdtool paths during install

	#SecRuleRemoveById 900011

</Directory>

# These sections marked "Require all denied" (or "Deny from all")

# should not be modified.

# These are in place in order to harden Cacti.

<Directory /usr/share/cacti/log>

	<IfModule mod_authz_core.c>

		Require all denied

	</IfModule>

	<IfModule !mod_authz_core.c>

		Order deny,allow

		Deny from all

	</IfModule>

</Directory>

<Directory /usr/share/cacti/rra>

	<IfModule mod_authz_core.c>

		Require all denied

	</IfModule>

	<IfModule !mod_authz_core.c>

		Order deny,allow

		Deny from all

	</IfModule>

</Directory>