Re: [monit] SSL issue

Mon, 15 Oct 2007 14:01:05 -0700

403 is access forbidden ... the webserver refused the request. Monit supports basic authentication (if this is the case), or you check some resource which is not restricted. 

Martin

On Oct 15, 2007, at 8:57 AM, Its Me wrote:


Hello,
I am running monit 4.10-beta1 now and with SSL I can work in means of using https to reach the server. This all goes fine but using a HTTPS check always 
fails so I guess I am doing something wrong.

He is my config:

set daemon 300 # Poll at 5-minute intervals
set logfile syslog facility log_daemon
set alert [EMAIL PROTECTED]
set httpd port xxxx and use address www.xxxx.zz
   ssl enable
   pemfile /var/certs/monit.pem
   allow localhost  # Allow localhost to connect
   allow home.xxxx.zz  # Allow other to connect
   allow name:pass # Allow Basic Auth

check system www.xxxx.zz
   if loadavg (1min) > 10 then alert
   if loadavg (5min) > 10 then alert
   if memory usage > 75% then alert
   if cpu usage (user) > 85% for 2 cycles then alert
   if cpu usage (system) > 30% for 2 cycles then alert
   if cpu usage (wait) > 20% for 2 cycles then alert

check process httpd with pidfile /var/lib/apache/logs/httpd.pid
   start program = "/var/lib/apache/bin/apachectl startssl"
   stop program  = "/var/lib/apache/bin/apachectl stop"
   if children > 35 for 2 cycles then restart
   if failed port 80 protocol HTTP for 2 cycles then alert
if failed port 443 type TCPSSL protocol http for 2 cycles then alert 

check process sshd with pidfile /var/run/sshd2_22.pid
   start program = "/usr/local/sbin/sshd"
   stop program  = "/bin/killall sshd-2"
   if failed port 22 protocol ssh for 2 cycles then alert

check process mysql with pidfile /usr/local/mysql/var/www.pid
if failed host 127.0.0.1 port 3306 protocol mysql for 2 cycles then alert 

check process sendmail with pidfile /var/run/sendmail.pid
   if failed port 25 protocol smtp for 2 cycles then alert

check process bind9 with pidfile /var/run/named.pid
   if failed port 53 for 2 cycles then alert

check process qpopper with pidfile /var/run/popper.pid
   if failed port 110 type TCP protocol POP for 2 cycles then alert

check host www.xxxx.cc with address 1.2.3.4
   if failed port 22 protocol ssh for 2 cycles then alert
   if failed port 80 protocol http for 2 cycles then alert
if failed port 443 type TCPSSL protocol http for 2 cycles then alert 

check host aaa.xxxx.zz with address 1.2.3.4
   if failed port 80 protocol http for 1 cycles then alert

check host www.xxxx.vv with address 1.2.3.4
   if failed port 80 protocol http for 1 cycles then alert

SYSLOG
Oct 15 00:24:01 www monit[5099]: HTTP error: Server returned status 403 Oct 15 00:24:01 www monit[5099]: 'httpd' failed protocol test [HTTP] at 
INET[localhost:443] via TCPSSL
Oct 15 00:24:02 www monit[5099]: HTTP error: Server returned status 403 Oct 15 00:24:02 www monit[5099]: 'www.xxxx.cc' failed protocol test [HTTP] at 
INET[1.2.3.4:443] via TCPSSL
Oct 15 00:24:20 www monit[5099]: HTTP error: Server returned status 403 Oct 15 00:24:20 www monit[5099]: 'httpd' failed protocol test [HTTP] at 
INET[localhost:443] via TCPSSL

What could be the issue ?

Rgds .....


--
To unsubscribe:
http://lists.nongnu.org/mailman/listinfo/monit-general




--
To unsubscribe:
http://lists.nongnu.org/mailman/listinfo/monit-general

Reply via email to