Securing response URL

Post by **BanditBBS** » Wed Aug 28, 2013 8:38 am

I did this: http://support.nagios.com/forum/viewtop ... 16&t=11690

However, it doesn't seem to be working. I am clicking on a response URL and it is taking me right to the service. Something I need to restart?

I did restart Nagios and httpd.

Thanks

sreinhardt · Post by **sreinhardt** » Wed Aug 28, 2013 9:08 am

I was going to ask if you happened to update to 2.3... but your signature already covers that. Have you logged out of XI then clicked the link?

Post by **BanditBBS** » Wed Aug 28, 2013 9:12 am

sreinhardt wrote:I was going to ask if you happened to update to 2.3... but your signature already covers that. Have you logged out of XI then clicked the link?

Yes sir. I even just closed all browser windows and clicked on link. Browser opened right up into it the screen where I could make a change. As stated, I applied changes to a config change(restarted Nagios) and also manually restarted the httpd service. Was there any specific place in the file I should have put that setting?

sreinhardt · Post by **sreinhardt** » Wed Aug 28, 2013 9:22 am

Not really, we have it set at the bottom of the config.inc.php, but it really shouldn't matter. Let me verify that it needs to be set to 1 to secure and not 1 to un-secure.

EDIT: OK so we needed some clarification on that paritcular setting. Specifically, that old notifications with that link still will work for the time being. However any future notifications will have a completely different url in the notification. In a future release, we are likely going to alter the rr.php to look at that variable and if set, ignore even old notifications, however we did not want to push too many changes in one step.

So with that said, if you get a new notification and this behavior exists, please let me know, as it should not continue.

Post by **BanditBBS** » Wed Aug 28, 2013 9:26 am

sreinhardt wrote:Not really, we have it set at the bottom of the config.inc.php, but it really shouldn't matter. Let me verify that it needs to be set to 1 to secure and not 1 to un-secure.

I moved mine to the bottom of file just in case and restarted httpd(is that what is needed to be restarted?) and it made no change. Will wait on your test result.

sreinhardt · Post by **sreinhardt** » Wed Aug 28, 2013 9:28 am

Just to post after you in case you don't see the edit:

OK so we needed some clarification on that paritcular setting. Specifically, that old notifications with that link still will work for the time being. However any future notifications will have a completely different url in the notification. In a future release, we are likely going to alter the rr.php to look at that variable and if set, ignore even old notifications, however we did not want to push too many changes in one step.

So with that said, if you get a new notification and this behavior exists, please let me know, as it should not continue.

Post by **BanditBBS** » Wed Aug 28, 2013 9:33 am

I did not see the edit, thanks for posting again

Ok, now that you made that clarification, I'm good with closing this thread. I'm sure it will work as designed, and I will test next time I see an alert go to someone. I was using an old alert for testing purposes

sreinhardt · Post by **sreinhardt** » Wed Aug 28, 2013 9:38 am

Cool sounds great! After speaking with scott, thats what we figured was happening. Hopefully that final change should be done in the next release.

Nagios Support Forum

Securing response URL

Securing response URL

Re: Securing response URL

Re: Securing response URL

Re: Securing response URL

Re: Securing response URL

Re: Securing response URL

Re: Securing response URL

Re: Securing response URL