Ad Widget

**JBo** · 17-02-2012, 11:10

Hi,

Originally posted by my36

Is there a way to avoid sending passwords in the login URL in clear text?

I have forced https, but that still leaves everyones passwords in the
apache access logs.

In which version of Zabbix are you seeing that ?
I don't see any problem in 1.8.10.

I have also checked 1.9.9 and the problem is there.
There is an open bug report about it : https://support.zabbix.com/browse/ZBX-3735, I have added a comment.
According to this bug report, it should be fixed in 2.0 (1.9.x is a development version).

Regards,
JBo

**JBo** · 17-02-2012, 11:22

I have attached a patch to https://support.zabbix.com/browse/ZBX-3735 that corrects this problem.

JBo

**my36** · 17-02-2012, 15:18

I'm using 1.9.8.

Merci JBo.

I very much appreciate the patch.

Moreover, I appreciate the excellent support I'm getting on the forums. We are rolling out
Zabbix to replace the commercial monitoring software we used to use and pay for. Zabbix
(beta) is more stable, easier to use and comes with better support (free) than what we had
been paying for!

Zabbix rocks.

Ad Widget

passwords in url in clear text - not good

passwords in url in clear text - not good

Comment

Comment

Comment