POST method example
POST method example Example of monitoring a webform with POST method.

For example you have such simple form:
form action="some-site.com/some-script.cgi" method=post
input type=text name=login value=''
input type=password name=password value=''
input type=submit name='Submit' value='Login'
/form
User fill this form with value login: Peter and password: 1234 and click submit. If everything is Ok, script prints "LoginOk" on the result page.
For making a monitoring task to control this script, create task with next fields:

URL: some-site.com/some-script.cgi
Http Method: choose POST
In "POST parameters" field you should add three strings:
login=Peter
password=1234
Submit=Login
In "Content check" field: LoginOk
Results: HostTracker with every check will fill this form and assume that it is OK if the set keyword LoginOk is returned.

  • CM.Glossary.WebsiteMonitoring
  • CM.Glossary.HTTPMethods
more glossary
"

I like to know when my services are down, and how much time does it take to recover.

"
- LP
Domain Expiration Monitoring

HostTracker gives you a unique opportunity to take an ultimate control over your website and increase its performance to new levels. Our service features lots of different handy tools that will let you monitor your website activity constantly and be the very first to know when you need to take actions...

In today’s fast-paced tech-savvy world, having a quality website monitoring service in place is a must to achieve top website speed, performance, and subsequent business success. HostTracker gives you a unique opportunity to take an ultimate control over your website and increase its performance to new levels. Our service features lots of different handy tools that will let you monitor your website activity constantly and be the very first to know when you need to take actions. All critical information will be brought directly to you through email, SMS or voice call, or via direct message on Viber, Skype, Hangouts, Telegram or Slack. All you need to do is decide how, when and where you want to receive these alert notifications. With our service on board, you will say goodbye to those pesky website problems caused by your hosting company, DDoS attacks and missed domain (SSL Certificate) renewal.

The nasty reality of expired domains

Here are a few reasons why dropping a domain name, even if it is fast recovered, is not a good idea:

  1. A heavy drop in search engine rankings and coming traffic.

  2. Undermined credibility. When it comes to domains there’s nothing worse than your domain name taken by others and used for malicious purposes. Yep, you got it right, domain hijacking is real! And once you’ve got your domain expired, you become very vulnerable to this kind of threat, yet you can’t guarantee safe user experience. This means you risk to lose your customer info, brand reputation, and money as well. Well, but that’s not all… What about your potential customers? Few would disagree that another important reason why many people are prone to abandon the particular website is its accessibility. No doubt, no one likes to wait. And if it comes to making a purchase online your potential customer will wait only 3 minutes prior to leave and never come back.

  3. Financial losses. Say, you’re the loyal client of particular bank or stock exchange, you’ll be definitely really upset to discover that you can’t check your financial info as the service seems to be down. Truly, the Internet is littered with tragic examples of how big companies including banks dropped domains and run into financial trouble because of that.

Let’s take a second to think about how hard it is to stay on track with the domain expiration. Actually, it's not quite that easy at all. Suppose you’ve got about 100-300 websites and even more email addresses. Moreover, every day you’ve got your Inbox bombarded with tons of different emails. Obviously, it’s really easy to scroll on some important information such as a reminder from your registrar in such a hectic situation.

If you don’t want to curse God for your memory lapses, consider jumping into some of the awesome monitoring tools like Domain expiration from HostTracker. With this tool in place, you won’t need to rely on your registrar. As you will be notified 30, 7 and 1 days before (and even after) the expiration of your domain by email or direct message.

Enabling notifications

Here are 5 simple steps to set HostTracker for sending you alerts of the impending domain expiration:

  1. Sign in.
  2. Upon successful login, navigate to Add check -> Domain expiration.

      3.  Enter your domain name or click on Add list if you have multiple domain names.

      4.  Click on the check boxes to select the contacts for notifications.

      5.  Click on Save when complete.

If you have Business or Enterprise packages, you’re opted to activate the domain/SSL expiration alert notifications for existing monitoring tasks.

Our service is still developing so should you have any questions, concerns or any comments to share, feel free to email our Support Team. You can also find us on Twitter, Facebook or Google+.

more blog
Thank you for feedback!
 
Sign In
Sign In
Sign Up
Prices & packages
Our monitoring network
Home > Blog > Shellshock

Considering the recently discovered Shellshock vulnerability, HostTracker has created a tool for testing it.

Check your server for vulnerability

How does it work?

It is developed for a Linux server with a web server installed on it. The algorithm is very simple. We consequently generate 4 http requests:

  • 1. Ordinary request
  • 2. The request tries, using vulneratility, post a "harmful" cookie which causes 2-seconds delay in respond to our special http request.
  • 3. The request tries, using vulneratility, post a "harmful" cookie which causes 4-seconds delay in respond to our special http request.
  • 4. Same as #3

How to understand the result?

We compare response time for all 4 requests. Three situation are possible:

  • 1. Vulnerability found. We may affirm that if the difference in responses is about 2 seconds for requests without cookie and with 2-second-delay cookie, as well as for requests with 2 and 4-second delay cookie. It means that our request was able to use the vulnerability and set these cookies.
  • 2. Vulnerability not found. All the requests have about the same response time. The cookies, likely, were not installed because there is no vulnerability.
  • 3. Uncertain situation. If the response time differs widely, without coincidence with preset by cookies delay, we can not say for sure. It could be if the server is under high load. To check this, we use two requests with same cookies (#3 and #4). If the response time for two same checks varies, we make a conclusion that the response time is not affected by cookies. At least, not only by them. So in this case our method can not detect vulnerability

Safety of checks

Our test can not damage your server. The risk consists of appearance of one extra-cookie, which is used only for our requests and can not affect normal work-flow of your site.

Share:
Send to Twitter Send to Facebook Send to LinkedIn
Blogs:
HostTracker blog HostTracker page on Facebook