Cacti (home)ForumsDocumentation

This is an old revision of the document!

Configure a Web Server

Cacti functions with any web server which utilizes PHP and MySQL. It's up to the system admin to utilize Microsoft IIS, Apache, or something else.

Microsoft IIS



Instead of retyping all the instructions configuring PHP for FastCGI, please read the following links.

Note: IIS6 has the IIS_WPG user account. IIS7 it's called IIS_USRS

  1. Start the Internet Information Services (IIS) Manager, right click on the Default Web Site (in most cases) and select Properties.
  2. Under the Home Directory tab:
    1. Verify the PHP installer created a mapping for the .PHP extension to C:\PHP\php5isapi.dll.
    2. Verify the .PHP mapping has All Verbs and Script Engine checked.
  3. Under the ISAPI Filters tab:
    1. Click Add
    2. In the Filter Name field, type: .php.
    3. In the Executable field, click on Browse…
    4. Navigate to C:\PHP\php5isapi.dll.
    5. Click OK.
  4. Under the Documents tab, add index.php to the list.
  5. If using IIS6, goto Web Service Extensions and add a new Web Service Extension. Name the extension “php”, and click Add and browse to the php5isapi.dll file, enable Set Extension status to Enable, and click OK.
  6. Give the COMPUTERNAME\IUSR_ and COMPUTERNAME\IIS_WPG users Read & Execute permissions to the file C:\Windows\system32\cmd.exe. Yes, this can be a large security hole, but it's required so RRDTool can be launched for graphing by the anonymous web account. For slightly improved security, one can specify a separate custom User account which would be used for the /wwwroot/Cacti/ site. Then, instead of using IUSR_ everywhere throughout this document, replace it with the custom User account. This way, only a security hole in Cacti's code could exploit cmd.exe and not all sites on the IIS server.
    1. Right click on cmd.exe and select Properties.
    2. Click on the Security tab.
    3. Select the IUSR_ account
    4. Click on Read & Execute in the Permissions box.
    5. Repeat for the IIS_WPG user.
    6. Click OK.
  7. Both IUSR_ and IIS_WPG users will also need read permissions on C:\Inetpub\wwwroot\cacti\ and its subfolders.
    1. Right click on the folder C:\Inetpub\wwwroot\cacti and select Properties.
    2. Click on the Security tab.
    3. Click on Add… under the group or user names section.
    4. Type in IUSR_COMPUTERNAME or click Advanced… and Find Now. Repeat for the IIS_WPG account.
    5. Click OK to close the select users or groups window.
    6. Select the IUSR_COMPUTERNAME from the list.
    7. Select Read & Execute from the Permissions box.
    8. Repeat for the IIS_WPG account.
    9. At the bottom of the Security tab, click on Advanced….
    10. In the Permissions tab, click on Replace permissions entries on all child objects with entries shown here that apply to child objects.
    11. Click OK.
    12. Click Yes to the Security warning dialog box.
    13. Click OK to close the properties window.
  8. Give the IUSR_ and IIS_WPG users modify permissions to the folders C:\Inetpub\wwwroot\cacti\log and C:\Inetpub\wwwroot\cacti\rra.
  9. Completely stop and start the IIS service using the following commands from the command prompt. Alternatively, use the Service MMC snap-in under Administrative Tools:
    net stop iisadmin
    net start w3svc
  10. Verify PHP is functional by running: php -m at the command prompt.
    Note: If messages with, Cannot find module appearing, then there is something wrong with the MIBDIRS variable or missing mib files in the PHP\Extras\mib folder. Make sure the MySQL, SNMP and Sockets PHP modules are in the list.


  • Make sure you have stopped any IIS web servers before you proceed with Apache installation, or make sure Apache is configured on an alternate port.


  1. Download the latest version from Apache Lounge.
  2. Make sure to read the Windows specific notes
    1. Recommended path is <root>:\Apache2\ due to issues with paths with spaces.

Personal Tools