- Restrict web UI to admin subnets.
- Use HTTPS and authentication for the UI.
- Block public access to plugin endpoints.
¶ Authentication and Access
- Use distinct admin accounts.
- Restrict command permissions to specific users.
¶ Plugins and Checks
- Only install trusted plugins.
- Avoid running plugins with unnecessary privileges.
- Run Nagios as a dedicated user.
- Keep Nagios Core and plugins updated.
Do you need help or support? Feel free to contact us!