“Encrypting” the password field in web scenario authentication in ZABBIX.

We are just moving some of our monitoring to ZABBIX (old love never dies), and I was wondering if it is possible to somehow hide passwords – for me it was a huge security breach as I would like to grant access for someone to configuration – but I do not want that person to see the passwords for the accounts I have configured.

So I started to search the Internet and found that thread:

https://www.zabbix.com/forum/zabbix-help/48246-encrypt-the-password-in-web-monitoring

Guys was talking about my struggle, unfortunately Atsushi has replied quite cautiously. So I started digging – there is a little name convention problem but I have located the relevant file under:

/usr/share/zabbix/include/views/configuration.httpconf.edit.php

Later in the file you will find this:

$httpAuthenticationFormList
->addRow(_(‘User’),
(new CTextBox(‘http_user’, $this->data[‘http_user’], false, 64))
->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
)
->addRow(_(‘Password’),
(new CTextBox(‘http_password’, $this->data[‘http_password’], false, 64))
->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
)

Change the line responsible for http_password to the following:

(new CPassBox(‘http_password’, $this->data[‘http_password’], false, 64))

After saving the file, and refreshing the php website you will get this:

zabbix_webscenario_authentication_CPassBox

Et voilà !

zabbix_encrypted_webscenarios

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s