A zero-configuration security patcher for the Cacti Weathermap plugin that automatically adds robust, dynamic authentication to the editor to prevent unauthorized access.

shahedfardous/secure-weathermap

Cacti Weathermap Security Patcher

This script enhances the security of the Cacti Weathermap plugin by preventing unauthorized access to the map editor (editor.php). It ensures that only authenticated Cacti users with the correct permissions can access the editor, mitigating a common security vulnerability.

This updated version is now a zero-configuration script that automatically detects paths and settings, making it easier and safer to apply.

Key Features

  • Automatic Path Detection: Automatically discovers your Cacti and Weathermap installation from a list of common locations, removing the need for manual configuration.
  • 🔐 Dynamic Permission-Based Access: Intelligently queries the Cacti database to find the correct permission realm_id for Weathermap, ensuring the check is robust across different versions and installations.
  • 🔧 Auto-Detects Web Server User: Automatically identifies the correct web server user (apache, httpd, nginx, etc.) to apply file permissions, improving compatibility across different Linux distributions.
  • 🚫 User-Friendly Access Denied Page: Displays a clean, professional "Access Denied" page with a redirect timer if a user lacks permission.
  • 📦 Automatic Backup: Creates a timestamped backup of the original editor.php before making any modifications.
  • 📂 Disables Directory Listing: Creates a redirecting index.php file in the plugin directory to prevent web-based directory browsing.

Prerequisites

  • A Linux server with a running Cacti installation.
  • The Cacti Weathermap plugin must be installed.
  • root or sudo privileges are required for the script to run.

Single-Line Installation & Execution

To download and run the script directly on your server, use the following command. The script will automatically find your Cacti path, apply the patch, and set the correct permissions.

curl -sSL https://raw.githubusercontent.com/shahedfardous/secure-weathermap/main/secureWeathermap.sh | sudo bash

Because the script is now fully automated, manual configuration is no longer necessary for the vast majority of systems.

Disclaimer

This script modifies core plugin files. While it includes a backup mechanism, you should always perform a full backup of your Cacti database and web directories before running any new scripts. Review the code to ensure it aligns with your environment and security policies.
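One way to act on that review advice instead of piping the download straight into a root shell. This is an added example, not part of the secure-weathermap project: the function names are hypothetical, and it assumes `curl`, `sha256sum`, `awk` and `bash` are available on the server.

```shell
#!/bin/sh
# Added example, not part of secure-weathermap. Function names are hypothetical.
# The URL is the one given in the install command above.
PATCHER_URL="https://raw.githubusercontent.com/shahedfardous/secure-weathermap/main/secureWeathermap.sh"

# Save the script to a file instead of streaming it into a root shell.
fetch_patcher() {            # $1 = destination path
    curl -fsSL --proto '=https' -o "$1" "$PATCHER_URL"
}

# SHA-256 of a file, hex digest only.
sha256_of() {
    sha256sum "$1" | awk '{print $1}'
}

# Lines worth reading first: the files the README says are modified or
# created, ownership/mode changes, and database access.
review_hints() {
    grep -nE 'editor\.php|index\.php|chown|chmod|mysql' "$1" || true
}

# Succeeds only if the file is byte-identical to the copy that was reviewed
# and parses as valid bash.
verify_pinned() {            # $1 = script path, $2 = SHA-256 noted at review
    vp_actual=$(sha256_of "$1")
    if [ "$vp_actual" != "$2" ]; then
        echo "hash mismatch: got $vp_actual, reviewed $2" >&2
        return 1
    fi
    bash -n "$1"
}

# Run as root only after verification passes.
run_if_pinned() {            # same arguments as verify_pinned
    verify_pinned "$1" "$2" && sudo bash "$1"
}

# Typical session:
#   fetch_patcher ./secureWeathermap.sh
#   review_hints ./secureWeathermap.sh; less ./secureWeathermap.sh
#   sha256_of ./secureWeathermap.sh      # note the digest once reviewed
#   run_if_pinned ./secureWeathermap.sh <digest-noted-above>
```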
