Nagios Support Forum

Hey all, hope this is the right place. I have search high and low for an answer, and oddly, I can't find one.

I just installed Nagios Core and Plugins following the guide in the included. When I attempt to log in using the correct user/password (if the pass is wrong it just keeps coming up with the login, thats how I know its correct...) I get a 403 Forbidden error from my Apache server.

Can someone help me out with a fix?

If you're getting past the apache authentication, check to see if your user is authorized in the cgi.cfg file. This is located at /usr/local/nagios/etc/cgi.cfg. Nagios filters what the user can do based on the authorized names in that file.

The 403 error suggests that the Apache auth step is as far as he gets. I'd suggest first checking the user/password file being referenced by Apache (/usr/local/nagios/etc/htpasswd.users usually) to make sure there is at least a line in it for your user. If not, or to reset the password stored, use the 'htpasswd' command ('man htpasswd' for usage & syntax details).

Thanks for the replies.

mguthrie wrote:If you're getting past the apache authentication, check to see if your user is authorized in the cgi.cfg file. This is located at /usr/local/nagios/etc/cgi.cfg. Nagios filters what the user can do based on the authorized names in that file.

I'll have to check on this - thanks.

tonyyarusso wrote:The 403 error suggests that the Apache auth step is as far as he gets. I'd suggest first checking the user/password file being referenced by Apache (/usr/local/nagios/etc/htpasswd.users usually) to make sure there is at least a line in it for your user. If not, or to reset the password stored, use the 'htpasswd' command ('man htpasswd' for usage & syntax details).

This is correct - the Apache auth step is the point in which I get the 403. Error page specifically quotes the Apache server as well. However, I have checked the htpasswd.users file and the username is indeed there. I have updated the password numerous times using htpasswd, same error occurs.

mguthrie wrote:If you're getting past the apache authentication, check to see if your user is authorized in the cgi.cfg file. This is located at /usr/local/nagios/etc/cgi.cfg. Nagios filters what the user can do based on the authorized names in that file.

OKay - So I noticed in this file that all instances referring to the authorized user were directed to the default "nagiosadmin" account. This is however, not the account I set up as the administrator, simply "admin." I went through the cgi.cfg file and changed all records to point to this username. Then verified in the htpasswd file that this is indeed the username set.

hen I restarted my Apache server, and tried again. Still receiving the same error.

Bear with me if you've checked this already, but I suppose the other thing you could double check would be the apache configuration file for Nagios (nagios.conf) and verify that it's pointing to the correct authorization file.

This could also just be a file permissions issue. Check the Apache error logs to see if it tells you any more, but there may be a lack of read permission for the apache user.

What are the needed steps to fix this, I have just installed Nagios and when I try to login I am getting the same error. It seems it is with Apache but I am not sure how to change the permissions and what to change them to.