Enable cross-origin requests in Zabbix

Recently, I received a couple of requests asking about how to get zabbixweb working on an external server, as by default you can’t hit the Zabbix API from external servers on both the appliance downloaded from the Zabbix site and the default install on RHEL-based Linux servers. I looked back at my original blog post, and sure enough, I forgot to explain how to do that! Here are some (very belated) instructions, assuming you’re running Apache as your webserver:

Browse to your Zabbix web root, typically /usr/share/zabbix. Open the .htaccess file in this directory (you will probably need to create it), and add the following lines:

 Header always set Access-Control-Allow-Origin "*"
 Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"
 Header always set Access-Control-Allow-Headers "Content-Type"
 RewriteEngine On
 RewriteCond %{REQUEST_METHOD} OPTIONS
 RewriteRule .* / [R=200,L]

Also, in your Apache configuration, specifically in /etc/httpd/conf.d/zabbix.conf (on CentOS installations, anyway), change “AllowOverride None” to “AllowOverride All” to allow that .htaccess file to work.

Once you’re done with this, restart the Apache server.

You should now be able to serve requests to an external server hitting the Zabbix API!

Leave a Reply