Nagios Support Forum

Since I just set up a new Nagios XI system, and had to basically start from the ground floor and build it up, I am finding many little tweaks here and there that I needed to make in order for everything to be as close to perfect as I can get them.

I have now setup my system to always use SSL. It now expects every link I go to from the GUI to also be secure.

We use Dashboards quite a bit, and many are using the Custom URL Dashlet. Any new Custom URL dashboards added, if you are not careful, will end up using http. I would suggest to anyone who implements the SSL solution to consider making this minor change. Change the default.

Edit the dashlet and add an s to http - near line 60 In the past I had to deal with web browsers protecting me from evil dashboards until I changed this.

Just something to be aware of.

Maybe this could be added to the formal Nagios Doc. It is no show stopper, but can make things confusing for folks who are unaware of how to work around it in their browser. The browser will simply not load the page, and unless they know to look in the URL bar for the clue of how to browse unsafe pages, they will think the page is broken.

Thanks

Steve B

Nice tip Steve!

Thanks for the contribution Steve!

I have been going back and forth as to whether this should be a bug request, and I don't feel it quite is since it's just the HTML placeholder. Let us know if you find anything else interesting and I'll be happy to review it.

Sad thing is that I had a Ton of dashboards built when Management decided to we needed to become DFARS compliant. Basically, we needed to start making any and all web access become secure. So, trial by fire made me learn how to get the postgresql nagiosxi data exported, learn how to change it and import it. Otherwise I would have to delete and recreate all the dashboards to use https. Both methods would be a pain in the butt.

If I can save someone from the trouble I had by telling my story, then I'm happy.

Maybe not a bug, but if you go to the trouble of converting your Nagios XI installation to use SSL, what's one more preventative edit worth. Maybe just update the Doc to add this as a suggestion.

I'm not actually making a request, so if you want to close this you can.

Steve B

I actually brought this up for discussion internally so we'll see what happens. You always end up posting great instructions for different scenarios so I would like for this to be considered.

I'll leave this thread open for now should we have anything to add to it.

Our documentation has been updated to include steps to modify the Custom URL Dashlet.