Database Monitoring
Database monitoring Database monitoring - DB check for access and regular execution of the specified query.

Database monitoring feature allows to run a query during every check and react in the appropriate way on the result. Also, it is possible to check just possibility to connect to DB - by ignoring the query field. To set the monitoring, fill the connection data: DB server address, port, database name, login and password of a user for connection. We strongly recommend to create the new user with limited rights. However, do not forget to provide him enough rights for performing the supposed actions. Also, it is necessary to add HostTracker servers addresses, to the whitelists on firewall or other blocking software, to allow the access. The addresses are permanent, and are listed on the same form.

Create ContentCheck Task

There could be arbitrary query - SELECT, UPDATE, DELETE, INSERT, execution of stored procedures (like scheduler), results comparison, logical operations. The only restriction is execution time - it should not take longer than 30 seconds. Otherwise, the timeout error will be reported.

It is recommended to create the queries which display the necessary value in the first row of the first column. This result can be analysed. For UPDATE, INSERT, DELETE queries the number of affected rows is analysed. There are different ways to analyse the resulted value by comparison with specific preset - equal/not equal/higher/lower/in range. In case the condition is not satisfied, no connection to DB, query timeout - the error is reported.

Create ContentCheck Task
  • CM.Glossary.WebsiteMonitoring
  • CM.Glossary.ContentCheck
more glossary
"

Very usefull service, helps us to monitor activity of our sites.

"
- A.
What could we check by using the cloud services? Part 2

  In the beginning, HostTracker company was founded on the basis of a simple website to provide free customer services. Though, a few years later, this startup developed a wide variety of tools serving to solve various problems, including different network issues. In a series of publications, we have decided to describe thoroughly all the features of our service, also to share our experience in the development of such projects with you and to mention interesting challenges that we faced. 

In the beginning, HostTracker company was founded on the basis of a simple website to provide free customer services. Though, a few years later, this startup developed a wide variety of tools serving to solve various problems, including different network issues. In a series of publications, we have decided to describe thoroughly all the features of our service, also to share our experience in the development of such projects with you and to mention interesting challenges that we faced. Moreover, for those seeking an example of how to sell something that had been made for themselves, our experience would be useful, as most of our features were developed due to our personal needs.

In the previous part of the review we have talked about the history of the service and the most basic functions - regular inspection of sites and servers, and what is more, notification of their efficiency. Before starting to describe more advanced features, we should write where do all these ideas come from and how to prioritize them. One of the key secrets often used by entrepreneurs is to follow the statement: all people are unique. All customers’ requests are unique, so you have to learn how to deal with them. Therefore the IT sector is utterly susceptible to this factor, as a great number of customers have profound knowledge and diverse experience. Nevertheless, part of the problems can be solved with available resources. However, the main feature of our work is that, frequently, we have to evolve something. Most of the HostTracker’s functions were developed or adapted due to the conveniences and needs of the particular people. We are also a part of that people, as having rather large infrastructure, and also need to have everything work properly. Therefore, we ourselves are the most picky client.


Precious little things

It worth noting, that in addition to different regular checks, there are other useful tools. They include monitoring of the domain and SSL certificate expiration time. This seems to be negligible, but could bring a lot of unexpected inconveniences to work. These functions appeared in HostTracker, when one of our personal domains had expired. Moreover, large companies also frequently face these problems, as the prolongation of the domain /certificate expiration time depends on the unreliable human factor. Therefore, a notification that the domain should be prolongated, is stored not only within spam folder (already overflowed with continuous marketing messages from your hosting company), but also to the folder with the data of website downs. As well as, the SMS notification capability still exists. That’s why these features are being so handy.

Another interesting feature is the domain check to see if they are blacklisted in DNS-based lists. These lists are independent and are generated separately using different algorithms. What is more, they were mainly created for filtering of the suspicious entities. Each administrator can configure own web server in different ways, for example, not to receive messages from the servers from a specific list. It helps fight off spam, malware spread, DDoS attacks and other problems. But all of these lists have their own algorithms, and there is no guarantee that in the result of any coincidences your website wouldn’t appear in any of these blacklists. Moreover, according to the statistics, this is happening on a regular basis with the most innocent sites. For example, no one can guarantee that a hacker wouldn’t use your nearby IP for different spam attacks. In this situation, the entire range of IPs would be considered as unreliable. What are the consequences of that?  Your messages wouldn’t be delivered to customers, the site wouldn’t be so easily found in search system and so on. Furthermore, you will find out this problem when the changes become critical or even irrevocable. Therefore, the monitoring and notification of DNSBL are also essential.

The content check

Here is a good example of how the usage of functions may exceed developers expectations. We have mentioned about several such cases earlier. Actually, nowadays a lot of things have a web interface whilst for others – it could be easily created, if needed. Therefore, it was developed not only the check function of whether the page was loaded completely using simple parsing, but also another mind-boggling things of this check. Adapting to different customer requests, this feature has become very flexible. It may look for one or plenty of words from the list at once. Moreover, it may detect the emergence of certain phrases. This feature may also raise as an error the whole line that contains the keyword. For instance, if there is a kind of server-status page (“Server 1 OK” etc.) and it shows “Error”, then the message will be “1 Server Error”.  In this case, all diagnostic is already done, and you can start troubleshooting immediately.

What if it happens, that the server should be down?

In addition to the notification of the failures of the sites, HostTracker provides another important function – gathers statistics of each examined site. When the various buttons on the sites were popular – HostTracker’s button also often appeared with the figures of website attendance, the weather forecasts and other things like that. Now it is possible to use a widget, but still the button is also available for retro fans. In addition, statistics is very important for managers. They constantly want to know whether the website and administration of it are working properly. Therefore, there is another useful function - the maintenance planning. Even the most stable sites and servers must be updated or rebooted from time to time. At the same time, it’s not the desired to lose so-called “9s” in terms of uptime. Planning of the maintenance let us achieve two goals (together or separately). This includes: not to send error notifications and not to record errors to the statistics during a specific span of time. Of course, it seems to be a kind of cheating, but outlined maintenances are justified, especially in excluded time. In addition to this, different verifications have being done and written to the log during maintenances. It can be useful for webmasters and administrators, as log let determine exactly the duration of updating or restarting processes, any occurred errors, other breakages etc. Moreover, thanks to that, the whole process of error emergence could be tracked: from the stage when the server wouldn’t be available for some time to the stage when the application would return an error.

Maintenance can be scheduled as a one-time job or on a regular basis. For example, if the backup is done every night, or a new release - every Thursday. The only condition is that the maintenance schedule should be made up at least 12 hours prior to the site/server nearest suspension period of time. This is done to ensure that all maintenances won’t be responsible for any pity unexpectancies, and statistics provided by HostTracker will be trustful.

A kind of an epilogue

We are frequently asked why we are doing this. The same things could be done without HostTracker’s help.  And you know what - definetely, they could. Especially, if you need only one tool. Many people are talking, that the whole Business World is built on human laziness. By solving routine problems, HostTracker provides a slice of work-free and responsibility-free time in the customer’s schedule. Truly, not everyone is able to assemble a car by himself. We look up to people, who are eager to create something good for personal needs in our field, but most people don’t want to spend their free time for doing something like that.

Additionally, our clients are: non-IT specialists; IT specialists who have to report something to their managers; managers themselves; fans of reliability – they use their own tools and take advantages of someone else’s; and many other groups of people.

All in all, we are always looking forward to your comments.

more blog
Thank you for feedback!
 
Sign In
Sign Up
Prices & packages
Our monitoring network
Home > Blog > Shellshock

Considering the recently discovered Shellshock vulnerability, HostTracker has created a tool for testing it.

Check your server for vulnerability

How does it work?

It is developed for a Linux server with a web server installed on it. The algorithm is very simple. We consequently generate 4 http requests:

  • 1. Ordinary request
  • 2. The request tries, using vulneratility, post a "harmful" cookie which causes 2-seconds delay in respond to our special http request.
  • 3. The request tries, using vulneratility, post a "harmful" cookie which causes 4-seconds delay in respond to our special http request.
  • 4. Same as #3

How to understand the result?

We compare response time for all 4 requests. Three situation are possible:

  • 1. Vulnerability found. We may affirm that if the difference in responses is about 2 seconds for requests without cookie and with 2-second-delay cookie, as well as for requests with 2 and 4-second delay cookie. It means that our request was able to use the vulnerability and set these cookies.
  • 2. Vulnerability not found. All the requests have about the same response time. The cookies, likely, were not installed because there is no vulnerability.
  • 3. Uncertain situation. If the response time differs widely, without coincidence with preset by cookies delay, we can not say for sure. It could be if the server is under high load. To check this, we use two requests with same cookies (#3 and #4). If the response time for two same checks varies, we make a conclusion that the response time is not affected by cookies. At least, not only by them. So in this case our method can not detect vulnerability

Safety of checks

Our test can not damage your server. The risk consists of appearance of one extra-cookie, which is used only for our requests and can not affect normal work-flow of your site.

Share:
Send to Twitter Send to Facebook Send to LinkedIn Share on Google+
Blogs:
HostTracker blog HostTracker page on Facebook