how to block HTTP from Public IPs

Posted: Tue Dec 15, 2020 12:46 am
by zaji_nms
Dear Expert

how to block HTTP from Public IPs

Having NagiosXI 5.x.x
Apache/2.2.15
Centos 6.x

I want to block my NAGIOS/NagiosXI from public IPs, how can I?

I tried via /etc/httpd/conf/httpd.conf but no success
<VirtualHost *:80>
not allowed, not taking the cmd ORDER ALLOW DENY
</VirtualHost>

<Directory *>
Order deny,allow
Deny from all
Allow from 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 100.100.100.100/32
</Directory>

Regards

Re: how to block HTTP from Public IPs

Posted: Tue Dec 15, 2020 4:20 pm
by vtrac
Hi zaji_nms,
First create a file called:

block-ips.conf

Add the following to the "block-ips.conf" file:

<LocationMatch "/.*">
  <RequireAll>
    Require ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 100.100.100.100/32
    # Let's say I want to block "192.168.254.30", as it is part of the allowed IP "192.168.0.0/16" above
    Require not ip 192.168.254.30
    # Repeat the "Require not ip ..." for each IP you want to block
  </RequireAll>
</LocationMatch>

Drop the file "block-ips.conf" in the "conf.d" folder of Apache:

/etc/httpd/conf.d/

Restart the Apache HTTP service:

# systemctl restart httpd.service
Hope this helps!!

Vinh

Re: how to block HTTP from Public IPs

Posted: Wed Dec 16, 2020 2:34 pm
by zaji_nms
Dear Vinh

Looks like you have sent the solution for the new APACHE version

httpd -t
Syntax error on line 2 of /etc/httpd/conf.d/block-ips.conf:
Invalid command '<RequireAll', perhaps misspelled or defined by a module not included in the server configuration

Please check my very first thread, I have mentioned the APACHE and CENTOS version

Can you please recheck and please provide the solution according to the version I have mentioned

regards

Re: how to block HTTP from Public IPs

Posted: Wed Dec 16, 2020 3:05 pm
by zaji_nms
Thanks Vinh, after your hint, it looks like it should be as below

<LocationMatch "/.*">
Order deny,allow
Deny from all
Allow from 100.100.100.100
Allow from 200.200.200.200
Allow from 172.16.30.0/24
Allow from 192.168.0.0/16
Allow from 10.0.0.0/8
</LocationMatch>

Re: how to block HTTP from Public IPs

Posted: Wed Dec 16, 2020 3:47 pm
by vtrac
Sorry .... my bad!!

/etc/httpd/conf.d/block-ips.conf

<LocationMatch "/.*">
  Order allow,deny
  Allow from 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 100.100.100.100/32
  Deny from 192.168.254.30
</LocationMatch>

Restart service:

# service httpd restart
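
How the two "Order" forms used in this thread decide a request, as an added example that is not part of any poster's message or of Nagios XI: a small Python model of Apache 2.2 Order/Allow/Deny evaluation for IP and CIDR specs only (hostnames such as "localhost" and "Order mutual-failure" are not modelled). The client addresses and the second rule set are constructed; it shows that a "Deny from" carve-out inside an allowed range only takes effect under "Order allow,deny".

```python
import ipaddress

# vtrac's Apache 2.2 rules, copied from the thread
ALLOW_DENY = """
Order allow,deny
Allow from 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 100.100.100.100/32
Deny from 192.168.254.30
"""
# Constructed variant: the same carve-out written under the other Order
DENY_ALLOW = """
Order deny,allow
Deny from all
Allow from 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 100.100.100.100/32
Deny from 192.168.254.30
"""

def parse_rules(conf):
    # Returns (order, allow_specs, deny_specs); Apache 2.2 defaults to Deny,Allow
    order, rules = "deny,allow", {"allow": [], "deny": []}
    for words in (line.split() for line in conf.splitlines()):
        if len(words) >= 2 and words[0].lower() == "order":
            order = words[1].lower()
        elif len(words) >= 3 and words[0].lower() in rules and words[1].lower() == "from":
            rules[words[0].lower()] += words[2:]
    return order, rules["allow"], rules["deny"]

def matches(client, specs):
    """True if the client address is inside any IP/CIDR spec, or a spec is 'all'."""
    ip = ipaddress.ip_address(client)
    for spec in specs:
        if spec.lower() == "all":
            return True
        try:
            net = ipaddress.ip_network(spec, strict=False)
        except ValueError:
            continue  # hostnames ("localhost") and partial IPs are not modelled
        if ip.version == net.version and ip in net:
            return True
    return False

def allowed(client, conf):
    order, allow, deny = parse_rules(conf)
    a, d = matches(client, allow), matches(client, deny)
    if order == "allow,deny":
        return a and not d  # default deny; any Deny match rejects
    return a or not d       # deny,allow: default allow; an Allow match overrides

if __name__ == "__main__":
    for ip in ("192.168.1.10", "192.168.254.30", "203.0.113.7"):  # constructed
        print(ip, allowed(ip, ALLOW_DENY), allowed(ip, DENY_ALLOW))
```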

Re: how to block HTTP from Public IPs

Posted: Wed Dec 16, 2020 3:49 pm
by vtrac
Great!! ... I was about to upload my block-ips.conf file.
We will close (lock) this ticket then .... :-)

Re: how to block HTTP from Public IPs

Posted: Thu Dec 17, 2020 1:52 am
by zaji_nms
Dear Vtrac/Vinh

I was also very excited that long pending issue resolved but......

no, Sorry! cannot close, as we are facing some minor issue after that
ohhh some major issue..........cannot apply Config change
can you please do some lab test and come with solution, it will be great

[Image: NagiosXI apache changes block-ips before and after.png]

To eliminate any doubt we allowed all Private IPs and Public IPs of our server, but we are still facing some minor issue

<LocationMatch "/.*">
Order deny,allow
Deny from all
# public IP of our server
Allow from 100.100.100.100
# another Public IP natted
Allow from 200.200.200.200
Allow from 172.16.0.0/12
Allow from 192.168.0.0/16
Allow from 10.0.0.0/8
Allow from 127.0.0.0/24
</LocationMatch>

To eliminate any doubt I have added all private IPs and updated /etc/hosts too, but the issue is not getting resolved

more /etc/hosts
127.0.0.1 localhost localhost.localdomain
192.168.123.123 localhost local2

After blocking, it is only showing three:
Monitoring Engine is Running
Performance Graph is Running
Database Backend is Running

and not showing on the top of Search Bar (below)
Active Hosts Check are Enabled
Active Service Checks are Enabled
Notifications are Enabled

Please note that long back we did some customization to see Display_Name when we click the Service; that is also not showing after the changes (after block-ips.conf)

Regards

Re: how to block HTTP from Public IPs

Posted: Thu Dec 17, 2020 11:53 am
by vtrac
Hi zaji_nms,
Please add "localhost" to the allowed list; this should fix the issue:

<LocationMatch "/.*">
  Order deny,allow
  Deny from all
  Allow from 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 100.100.100.100 200.200.200.200 127.0.0.0/24 localhost
</LocationMatch>

Also, I have brought up this issue to my team and it was suggested that it would be better to have this issue handled by the firewall (network) team .... which is way more secure!!

Best Regards,
Vinh

Re: how to block HTTP from Public IPs

Posted: Thu Dec 17, 2020 1:52 pm
by zaji_nms
Thanks Vinh

Yeah... added localhost and.... great, it's working fine.... please close this post..... but sorry, I will open another one to give you some more trouble.

Thanks for your advice about Firewall....we do but here some special case so did not apply.

Thanks once again

Re: how to block HTTP from Public IPs

Posted: Thu Dec 17, 2020 2:23 pm
by scottwilkerson
zaji_nms wrote:
Thanks Vinh

Yeah... added localhost and.... great, it's working fine.... please close this post..... but sorry, I will open another one to give you some more trouble.

Thanks for your advice about Firewall....we do but here some special case so did not apply.

Thanks once again

Locking thread