[Xymon] restrict access to Xymon not working as expected

Alessandro Tinivelli Alessandro.Tinivelli at faacgroup.com
Wed Dec 14 18:06:04 CET 2016

Hallo everyone,

sorry if the question has already been asked, but i could not find any answer in google:

my brand new xymon installation (Xymon 4.3.27-1.el7.terabithia) on Centos7 has the liens below in apache config file:
I have created the /etc/xymon/xymonpasswd file , but the access is still free with no pass request.
Is there something I did not understand? Should this file located somewhere else?

Thank you in advance

# Password file where users with access to these scripts are kept.
    # Although expected in $XYMONHOME/etc/ by the useradm and chpasswd
    # scripts, files here can be read with the "config" message type,
    # which allows status-privileged clients to read arbitrary regular files
    # from the directory.
    # This file should be owned and readable only by the apache server user,
    # and ideally merely a symlink to a location outside of $XYMONHOME/etc/
    # Create it with:
    #   htpasswd -c /etc/xymon/xymonpasswd USERNAME
    #   chown apache:apache /etc/xymon/xymonpasswd
    #   chmod 640 /etc/xymon/xymonpasswd
    # Add more users / change passwords with: "htpasswd /etc/xymon/xymonpasswd USERNAME"
    # You can also use a group file to restrict admin access to members of a
    # group, instead of anyone who is logged in. In that case you must setup
    # the "xymongroups" file, and change the "Require" settings to require
    # a specific group membership. See the Apache docs for more details.

    AuthUserFile /etc/xymon/xymonpasswd
    AuthGroupFile /etc/xymon/xymongroups
    AuthType Basic
    AuthName "Xymon Administration"

    # "valid-user" restricts access to anyone who is logged in.
    Require valid-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20161214/12d72fe7/attachment.html>

More information about the Xymon mailing list