Try to swap 'Order allow,deny' to 'Order deny,allow'
Op maandag 27-02-2023 om 10:54 uur [tijdzone +0000], schreef Neil
Simmonds:
Hi all,
On my current prod Xymon (which was built by someone no longer with
the company) we are required to supply a userid/passwd for disabling
or acknowledging tests.
As far as I can see this is done through the <Directory
"/usr/share/xymon/cgi-secure"> part of the httpd.conf (or on my new
server Xymon.conf in /etc/httpd/conf.d )
I?ve got the conf set like the below which is the same as the working
system, the /etc/xymon/ xymonpasswd file exists, is owned by apache
user and had 64- permissions as required yet I?m not getting prompted
for the password when I disable a test? Am I missing something?
<Directory "/usr/share/xymon/cgi-secure">
AllowOverride None
Options ExecCGI Includes
<IfModule mod_authz_core.c>
# Apache 2.4+
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Allow from all
</IfModule>
AuthUserFile /etc/xymon/xymonpasswd
AuthGroupFile /etc/xymon/xymongroups
AuthType Basic
AuthName "Xymon Administration"
<RequireAll>
# "valid-user" restricts access to anyone who is logged in.
Require valid-user
# "group admins" restricts access to users who have logged in,
AND
# are members of the "admins" group in xymongroups.
# Require group admins
</RequireAll>
</Directory>
Studio is a trading name of Studio Retail Ltd which is authorised and
regulated by the Financial Conduct Authority for consumer credit and
general insurance. Studio Retail Ltd are members of the Finance and
Leasing Association (FLA). Registered in England. No: 718151.
Registered Office: Church Bridge House, Henry Street, Accrington, BB5
4EE NOTE: This email and any information contained within or attached
in a separate file is confidential and intended solely for the
Individual to whom it is addressed. The information or data included
is solely for the purpose indicated or previously agreed. Any
information or data included with this e-mail remains the property of
Studio Retail Ltd and the recipient will refrain from utilising the
information for any purpose other than that indicated and upon request
will destroy the information and remove it from their records. Any
views or opinions presented are solely those of the author and do not
necessarily represent those of Studio Retail Ltd. If you are not the
intended recipient, be advised that you have received this email in
error and that any use, dissemination, forwarding, printing, or
copying of this email is strictly prohibited. No warranties or
assurances are made in relation to the safety and content of this
e-mail and any attachments. No liability is accepted for any
consequences arising from it. Studio Retail Ltd reserves the right to
monitor all e-mail communications through its internal and external
networks. If you have received this email in error, please notify our
careline on +44(0) XXX XXX XXXX.
This message has been scanned for viruses with ClamAV
at vermare.net