Requiring authentication for the web interface
In this recipe, we'll explore the use of basic authentication for the Nagios Core web interface, probably the single most important configuration step in preventing abuse of the software by malicious users.
By default, the Nagios Core installation process takes the sensible step of locking down the authentication by default in its recommended Apache configuration file, with standard HTTP authentication for a default user named
nagiosadmin, with full privileges.
Unfortunately, some administrators take the step of removing this authentication or never installing it, in spite of the recommendations in the installation guide. It's a good idea to install it and keep it in place even on private networks, ...