POST method example
POST method example Example of monitoring a webform with POST method.

For example you have such simple form:
form action="some-site.com/some-script.cgi" method=post
input type=text name=login value=''
input type=password name=password value=''
input type=submit name='Submit' value='Login'
/form
User fill this form with value login: Peter and password: 1234 and click submit. If everything is Ok, script prints "LoginOk" on the result page.
For making a monitoring task to control this script, create task with next fields:

URL: some-site.com/some-script.cgi
Http Method: choose POST
In "POST parameters" field you should add three strings:
login=Peter
password=1234
Submit=Login
In "Content check" field: LoginOk
Results: HostTracker with every check will fill this form and assume that it is OK if the set keyword LoginOk is returned.

  • CM.Glossary.WebsiteMonitoring
  • CM.Glossary.HTTPMethods
more glossary
"

Very usefull service, helps us to monitor activity of our sites.

"
- A.
Shellshock vulnerability online check
Considering the recently discovered Shellshock vulnerability, HostTracker has created a tool for testing it.
Check your server for vulnerability

How does it work?

It is developed for a Linux server with a web server installed on it. The algorithm is very simple. We consequently generate 4 http requests:

  • 1. Ordinary request
  • 2. The request tries, using vulneratility, post a "harmful" cookie which causes 2-seconds delay in respond to our special http request.
  • 3. The request tries, using vulneratility, post a "harmful" cookie which causes 4-seconds delay in respond to our special http request.
  • 4. Same as #3

Results of the test

How to understand the result?

We compare response time for all 4 requests. Three situation are possible:

  • 1. Vulnerability found. We may affirm that if the difference in responses is about 2 seconds for requests without cookie and with 2-second-delay cookie, as well as for requests with 2 and 4-second delay cookie. It means that our request was able to use the vulnerability and set these cookies.
  • 2. Vulnerability not found. All the requests have about the same response time. The cookies, likely, were not installed because there is no vulnerability.
  • 3. Uncertain situation. If the response time differs widely, without coincidence with preset by cookies delay, we can not say for sure. It could be if the server is under high load. To check this, we use two requests with same cookies (#3 and #4). If the response time for two same checks varies, we make a conclusion that the response time is not affected by cookies. At least, not only by them. So in this case our method can not detect vulnerability

Safety of checks

Our test can not damage your server. The risk consists of appearance of one extra-cookie, which is used only for our requests and can not affect normal work-flow of your site.

more blog
Thank you for feedback!
 
Partners
Sign In
Sign Up
Prices & packages
Our monitoring network
Home > Partners

Our partners

Partner Description
Honest and unbiased web hosting reviews for shared hosting providers. They rank web hosting providers based on uptime %, page load times, support quality and cost
Review Squirrel - web hosting reviews
Real web hosting reviews from real people - Find out what people are saying about web hosting companies on social media to help you choose web hosting.
MaxiDed - worldwide dedicated server provider and secure hosting service. Accepts BITCOIN payments. The solutions provide savings, reliability and quality for customers. High performance service and on-line support 24/7.


Our company is always open to cooperation! If you want to be our partner, please contact us

If you wish to become our hosting partner, please visit this page: Become hosting partner

Share:
Send to Twitter Send to Facebook Send to LinkedIn Share on Google+
Blogs:
HostTracker blog HostTracker page on Facebook