On 10/08/2011 at 09:23, Martin Pala wrote:
The sample monit configuration file comes with an example of "set httpd port 2812 …" limited to localhost with default admin/password. There are no services configured in the sample config file though (only sample comments), so no actions are possible and no data is presented. Even if you start it using the sample configuration without changes and somebody figures out that monit was started on localhost:2812 with default admin:monit credentials, only local users will be able to access it and they'll see only the system load and cpu+memory usage (which they can see locally even without accessing monit - using "vmstat", etc.).
Hello,

Even though I think it is not a good idea, you can also run monit in crontab and not in daemon mode. But this is then dependent on cron (I saw crond up and running, seems to work but not working ...). I don't recommend doing this, though.

Generally speaking, monit is very light in whatever (except for usefulness :>)..), and other posts tell you how to be safe with the web app: using localhost with a good password is sufficient. (I mean not more insecure than sshd running with simple password access permitted rather than RSA.)

Personally I run Denyhosts for ssh bad login attempts, which works nicely. I guess you can also parse the monit log file with the denyhosts regex extension in order to drop any bad login to the web app. (I don't know the format of the bad login log for the monit web app ... Maybe Martin can help, or read the source.)

Regards.
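The two conditions discussed in this thread (web interface bound to localhost, default admin:monit credential replaced) can be checked mechanically. The following is an added example, not code from the thread or from the monit project: `audit_monitrc` is a hypothetical helper, the configuration strings are constructed samples, and the line-based handling of the `set httpd` statement is a simplification of monit's real grammar.

```python
import re

DEFAULT_CRED = ("admin", "monit")          # credential mentioned in the thread
LOCAL = {"localhost", "127.0.0.1", "::1"}  # addresses treated as local-only

def audit_monitrc(text):
    """Return findings for the 'set httpd' statement of a monitrc (simplified)."""
    # Strip '#' comments (assumption: no '#' inside quoted strings).
    lines = [ln.split("#", 1)[0].strip() for ln in text.splitlines()]
    block, inside = [], False
    for ln in lines:
        if re.match(r"set\s+httpd\b", ln, re.I):
            inside = True
        elif inside and re.match(r"(set|check|include)\b", ln, re.I):
            break                          # next top-level statement ends the block
        if inside and ln:
            block.append(ln)
    if not block:
        return []                          # no web interface configured
    stmt = " ".join(block)
    findings = []
    addr = re.search(r"\baddress\s+(\S+)", stmt, re.I)
    if addr is None:
        findings.append("no bind address: httpd listens on all interfaces")
    elif addr.group(1).strip('"') not in LOCAL:
        findings.append("bound to non-local address " + addr.group(1))
    # 'allow user:password' entries; 'allow localhost' has no colon and is skipped.
    creds = re.findall(r"\ballow\s+([^\s:]+):(\S+)", stmt, re.I)
    if not creds:
        findings.append("no user:password 'allow' entry found")
    for user, pw in creds:
        if (user, pw.strip('"')) == DEFAULT_CRED:
            findings.append("default credential admin:monit still in place")
    return findings

# Constructed sample inputs.
SAMPLE_DEFAULT = """set httpd port 2812 and
    use address localhost  # only accept connection from localhost
    allow localhost
    allow admin:monit
"""
HARDENED = SAMPLE_DEFAULT.replace("admin:monit", 'ops:"constructed-long-passphrase"')
EXPOSED = "set httpd port 2812\n    allow admin:monit\nset daemon 60\n"

if __name__ == "__main__":
    for name, cfg in [("default", SAMPLE_DEFAULT), ("hardened", HARDENED), ("exposed", EXPOSED)]:
        print(name, audit_monitrc(cfg))
```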
