I have ZM running more or less fine and can see the console at localhost/zm as expected - but from the outside world logging in directly to the ip address with out /zm suffix anyone can see the events, images or temp folders.
As I recall last time I fixed it one of three ways
1. Make a link directly to /zm
or
2. Changed the permissions for said folders.
or
3. Changed something in the apache.conf folder
Any suggestions as to what is the best way ?
I really should take notes of these little tweaks for future reference

Tim
EDIT
Looks like I've recovered a few brain cells and created a temporary but not perfect fix by simply putting and index.html link in the /var/cache/zoneminder folder ie the page root of apache.
Now to figure a 'proper' fix