httpd

# vi /etc/httpd/conf.d/cacti.conf

Alias /cacti    /usr/share/cacti

<Directory /usr/share/cacti/>

        <IfModule mod_authz_core.c>

                # httpd 2.4

               # Require host localhost

               Require all granted

        </IfModule>

        <IfModule !mod_authz_core.c>

                # httpd 2.2

                Order deny,allow

                Deny from all

                # Allow from localhost

               Allow from all

        </IfModule>

</Directory>

<Directory /usr/share/cacti/install>

        # mod_security overrides.

        # Uncomment these if you use mod_security.

        # allow POST of application/x-www-form-urlencoded during install

        #SecRuleRemoveById 960010

        # permit the specification of the rrdtool paths during install

        #SecRuleRemoveById 900011

</Directory>

# These sections marked "Require all denied" (or "Deny from all")

# should not be modified.

# These are in place in order to harden Cacti.

<Directory /usr/share/cacti/log>

        <IfModule mod_authz_core.c>

                Require all denied

        </IfModule>

        <IfModule !mod_authz_core.c>

                Order deny,allow

                Deny from all

        </IfModule>

</Directory>

<Directory /usr/share/cacti/rra>

        <IfModule mod_authz_core.c>

                Require all denied

        </IfModule>

        <IfModule !mod_authz_core.c>

                Order deny,allow

                Deny from all

        </IfModule>

</Directory>