HTTP methods
HTTP methods HTTP methods define actions, wished to perform to a specific site.

GET method is used when the page is loaded from server to your browser. If it works, your web page is available to load. It is the most common method among all, when you type a site address in your broswer - this method is used to show you the site content.

HEAD method is similar with GET, but it load from server only headers of your page. It is useful if You want to test just accessibility of a web page or review its headers.

POST method is used to send information from you to server. If a page includes text field(s) for filling, POST method is used when you click button "submit" (or whatever is name of that button). It brings information you have typed into those fields to server. So, if there are some text fields on your page, you can use this method. If it works, your web page is available to use, and text, typed into fields on your page, is able to be transferred to the server. An example of using POST method for Website Monitoring is provided in this article (You provide specific keywords, which are inserted into text fields).

  • CM.Glossary.WebsiteMonitoring
  • CM.Glossary.HTTP
  • CM.Glossary.POSTMethodExample
more glossary
"

Keep up the good work!

"
- biz
Shellshock vulnerability online check

Considering the recently discovered Shellshock vulnerability, HostTracker has created a tool for testing it.

Check your server for vulnerability

How does it work?

It is developed for a Linux server with a web server installed on it. The algorithm is very simple. We consequently generate 4 http requests:

  • 1. Ordinary request
  • 2. The request tries, using vulneratility, post a "harmful" cookie which causes 2-seconds delay in respond to our special http request.
  • 3. The request tries, using vulneratility, post a "harmful" cookie which causes 4-seconds delay in respond to our special http request.
  • 4. Same as #3

How to understand the result?

We compare response time for all 4 requests. Three situation are possible:

  • 1. Vulnerability found. We may affirm that if the difference in responses is about 2 seconds for requests without cookie and with 2-second-delay cookie, as well as for requests with 2 and 4-second delay cookie. It means that our request was able to use the vulnerability and set these cookies.
  • 2. Vulnerability not found. All the requests have about the same response time. The cookies, likely, were not installed because there is no vulnerability.
  • 3. Uncertain situation. If the response time differs widely, without coincidence with preset by cookies delay, we can not say for sure. It could be if the server is under high load. To check this, we use two requests with same cookies (#3 and #4). If the response time for two same checks varies, we make a conclusion that the response time is not affected by cookies. At least, not only by them. So in this case our method can not detect vulnerability

Safety of checks

Our test can not damage your server. The risk consists of appearance of one extra-cookie, which is used only for our requests and can not affect normal work-flow of your site.

more blog
Thank you for feedback!
 
Sign In
Sign Up
Prices & packages
Our monitoring network
Home > Glossary > POSTMethodExample
POST method example Example of monitoring a webform with POST method.

For example you have such simple form:
form action="some-site.com/some-script.cgi" method=post
input type=text name=login value=''
input type=password name=password value=''
input type=submit name='Submit' value='Login'
/form
User fill this form with value login: Peter and password: 1234 and click submit. If everything is Ok, script prints "LoginOk" on the result page.
For making a monitoring task to control this script, create task with next fields:

URL: some-site.com/some-script.cgi
Http Method: choose POST
In "POST parameters" field you should add three strings:
login=Peter
password=1234
Submit=Login
In "Content check" field: LoginOk
Results: HostTracker with every check will fill this form and assume that it is OK if the set keyword LoginOk is returned.

  • CM.Glossary.WebsiteMonitoring
  • CM.Glossary.HTTPMethods
Share:
Send to Twitter Send to Facebook Send to LinkedIn Share on Google+
Blogs:
HostTracker blog HostTracker page on Facebook