Q: I need to restrict access to web interface pages. How can I do that?
A: Web server, bundled with IPHost Network Monitor, is supplied with two authentication modules, providing Basic and Digest authentication. Below are instructions on how to use either of them.
In the settings listed below, <IP address> should be replaced with IP address or host name used by Web interface. Open Settings -> Web Interface in IPHost GUI client, to see that address in “Host” field.
If that field is “$AUTO”, click on “Web Interface” button to launch Web interface in browser. Look at address string; it contains something like
http://10.20.30.40:8084/nms/dashboard.html
The hostname/IP address (shown in bold above) should be used instead of <IP address> below.
IPHost Network Monitor installation path is usually either
C:\Program Files\IPHost Network Monitor
or
C:\Program Files (x86)\IPHost Network Monitor
Use the actual installation path in the below instructions, instead of <IPHost installation path>.
Using Basic HTTP authentication
1. Make a backup copy of
<IPHost installation path>\conf\httpd.conf
2. Run cmd.exe (Run as Administrator) and navigate to <IPHost installation path>
cd <IPHost installation path>
Note: use actual IPHost Network Monitor installation path as explained above, instead of the string <IPHost installation path>
3. Generate password file: run the below command in your cmd.exe:
htpasswd.exe -c basic-access.txt username
You will be asked twice to enter password for user name. Note: for all subsequent user names, use the command
htpasswd.exe basic-access.txt username
otherwise you will overwrite all the earlier entered users credentials.
4. Open conf\httpd.conf in any text editor, such as Notepad. Locate file part between the two below lines:
<IfModule nms_module> </IfModule>
and replace with the below text block:
<IfModule nms_module>
<LocationMatch "^/nms(_mobile)?/.*$">
Order deny,allow
Allow from <IP address>
Deny from all
Satisfy Any
AuthType Basic
AuthName "Monitoring"
AuthBasicProvider file
AuthUserFile "C:/Program Files (x86)/IPHost Network Monitor/conf/basic-access.txt"
Require valid-user
</LocationMatch>
</IfModule>
Use actual installation path in AuthUserFile line and use Web interface default IP address instead of <IP address>
5. Save conf\httpd.conf file changes. Run the below command in cmd.exe:
NMSWebServr.exe -t
If an error is reported, check the conf\httpd.conf for shown problems.
6. Stop monitoring service from IPHost GUI client’s Tools menu and start it again.
Using Digest HTTP authentication
1. Make a backup copy of
<IPHost installation path>\conf\httpd.conf
2. Run cmd.exe (Run as Administrator) and navigate to <IPHost installation path>
cd <IPHost installation path>
Note: use actual IPHost Network Monitor installation path as explained above, instead of the string <IPHost installation path>
3. Generate password file: run the below command in your cmd.exe:
htdigest.exe -c user-access.dat Monitoring username
You will be asked twice to enter password for user ‘username’. Note: for all subsequent user names, use the command
htdigest.exe user-access.dat Monitoring username
otherwise you will overwrite all the earlier entered users credentials.
4. Open conf\httpd.conf in any text editor, such as Notepad. Locate file part between the two below lines:
<IfModule nms_module> </IfModule>
and replace with the below text block:
<IfModule nms_module>
<LocationMatch "^/nms(_mobile)?/.*$">
Order deny,allow
Allow from <IP address>
Deny from all
Satisfy Any
AuthType Digest
AuthName "Monitoring"
AuthDigestProvider file
AuthUserFile "C:/Program Files (x86)/IPHost Network Monitor/conf/user-access.dat"
Require valid-user
</LocationMatch>
</IfModule>
Use actual installation path in AuthUserFile line and use Web interface default IP address instead of <IP address>
5. Save conf\httpd.conf file changes. Run the below command in cmd.exe:
NMSWebServr.exe -t
If an error is reported, check the conf\httpd.conf for shown problems.
6. Stop monitoring service from IPHost GUI client’s Tools menu and start it again.
Related topic
Why email alerts are not delivered?
How to set up secure access to Web interface?
