How can I allow users to only see certain reports via IPHost Web interface?
Q: Is it possible to only allow users to see and generate reports? Also, I need to control which of users may access reports.
A: By default, access to Web interface of IPHost Network Monitor is unrestricted; for higher security, we recommend setting host part of the Web interface to localhost (or “127.0.0.1”) (in “Settings -> Web Interface” menu of IPHost GUI client).
You can modify IPHost Network Monitor UI (Web interface) files to only allow access to creating reports; you can also use HTTP authentication to restrict access to Web interface pages (i.e., for certain users only).
The mentioned can be done by manually altering IPHost Web interface configuration. Please follow the below instructions (they assume you are running v5.0 of IPHost Network Monitor).
Setting reports-only page
1. Before you begin, make backup copies of
conf\ htdocs\
directories below IPHost installation directories. Full paths to the above directories typically look like
C:\Program Files (x86)\IPHost Network Monitor\conf C:\Program Files (x86)\IPHost Network Monitor\htdocs
correspondingly. Keep the mentioned backup copies, in case something goes wrong with the below steps.
2. Download the below file:
and unpack its contents:
report-template.html ui-reports.js
into htdocs\nms4 directory below IPHost installation directory; full path to the above directory typically is
C:\Program Files (x86)\IPHost Network Monitor\htdocs\nms4
Note: you can rename report-template.html to any file with .html extension (e.g. my-reports.html).
3. Open Web interface by clicking “Web Interface” button in IPHost GUI client. The URL that opens looks like this:
http://127.0.0.1:8084/nms/dashboard.html
(the part in bold before /nms/ might be different for your installation), and replace ‘dashboard.html’ with ‘report-template.html’ (or whatever name you chose for that file). In this example, the URL will look like this:
http://127.0.0.1:8084/nms/report-template.html
The above page only provides access to reports generating.
If you wish, you can also restrict access to the above page to certain users only. Follow the below steps to do that.
Restricting access to reports page
4. Open conf/httpd.conf file in any text editor (such as Notepad) and make sure that the following lines are present (typically between lines 77 and 152 of the mentioned file):
LoadModule authz_core_module modules/mod_authz_core.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_digest_module modules/mod_auth_digest.so LoadModule authn_core_module modules/mod_authn_core.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so
(if matching line is prefixed with ‘#’ character, just remove the character; if line is missing altogether, insert it)
Now scroll to the end of conf\httpd.conf file and insert the text between dashed lines:
<Location "/nms/report-template.html">
AuthName "Monitoring"
AuthType Basic
AuthBasicProvider file
AuthUserFile "C:/Program Files (x86)/IPHost Network Monitor/conf/basic-access.txt"
Require valid-user
</Location>
Note: if report generation file name is different from ‘report-template.html’, change the first line of the above text block correspondingly.
Save changes to file.
5. Open cmd.exe (Run as Administrator) and navigate to conf\ directory; command would typically look like
cd "C:\Program Files (x86)\IPHost Network Monitor\conf"
Run the below command to add user name and password, to access the newly added page:
htpasswd.exe -c basic-access.txt username
User whatever user name you wish instead of username. The program will ask for its password twice.
To add more users, and/or to change the password for existing one(s), run the above command without ‘-c’ parameter, i.e.
htpasswd.exe basic-access.txt anotheruser
In the same cmd.exe window run the below command:
..\NMSWebServr.exe -t
It should output the single line:
Syntax OK
If it prints something else (reports an error), please re-check steps 3 and 4.
6. Restart IPHost monitoring service (from IPHost GUI client’s “Tools” menu). Now try to access the page
http://127.0.0.1:8084/nms/report-template.html
(use the actual URL mentioned on step 2). It should request name and password of any user you entered on step 4).
7. You might wish to allow access to all the other Web interface pages to certain user only. In cmd.exe window, opened at step 5, issue command
htpasswd.exe basic-access.txt admin
(use whatever name you need instead of admin) and enter its password.
Now open conf/httpd.conf file in text editor, scroll to its end and add lines like below between dashed lines:
<LocationMatch "^/nms(_mobile)?/(dashboard|ui|alerts|simpledashbord)\.html">
AuthName "Monitoring"
AuthType Basic
AuthBasicProvider file
AuthUserFile "C:/Program Files (x86)/IPHost Network Monitor/conf/basic-access.txt"
Require user admin
</LocationMatch>
Save the file and run
..\NMSWebServr.exe -t
to ensure there are no errors. After that, restart IPHost monitoring service for changes to take effect.
