Documentation

Sidebar

Zabbix Summit 2022
View presentations

23 Upgrade notes for 3.0.13

More secure Zabbix setup

Several features have been implemented as part of an effort to "harden" the Zabbix web interface:

  • Same origin policy for IFrames. Zabbix now cannot be placed in frames on a different domain. Still, pages placed into a Zabbix frame will have access to Zabbix frontend (through JavaScript) if the page that is placed in the frame and Zabbix frontend are on the same domain. A page like http://secure-zabbix.com/cms/page.html, if placed into screens on http://secure-zabbix.com/zabbix/, will have full JS access to Zabbix.
  • Technical errors (PHP/SQL) are now hidden by default from non-Zabbix Super admin users and from users that are not part of user groups with debug mode enabled. This is configurable via the new ZBX_SHOW_TECHNICAL_ERRORS constant, set to 'false' by default.

Item changes

  • system.cpu.num agent item on AIX now returns a value based on the logical processors attached to an AIX LPAR and not the physical ones.