httpd
# vi /etc/httpd/conf.d/cacti.conf
Alias /cacti /usr/share/cacti
<Directory /usr/share/cacti/>
<IfModule mod_authz_core.c>
# httpd 2.4
# Require host localhost
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# httpd 2.2
Order deny,allow
Deny from all
# Allow from localhost
Allow from all
</IfModule>
</Directory>
<Directory /usr/share/cacti/install>
# mod_security overrides.
# Uncomment these if you use mod_security.
# allow POST of application/x-www-form-urlencoded during install
#SecRuleRemoveById 960010
# permit the specification of the rrdtool paths during install
#SecRuleRemoveById 900011
</Directory>
# These sections marked "Require all denied" (or "Deny from all")
# should not be modified.
# These are in place in order to harden Cacti.
<Directory /usr/share/cacti/log>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory /usr/share/cacti/rra>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>