When running the Website Wizard it creates $ARG1$ as follows:
-s "STRING" -f -I IPADDR -u "http://www.website.com/index.cfm" -p 80.
-u is the string entered in step one, which requires the website and full path. However, -u should only be the path. Using the full URI causes the check to fail.
-u, --url=PATH
URL to GET or POST (default: /)
./check_http -H http://www.website.com -s "STRING" -f -I IPADDR -u "http://www.website.com/index.cfm" -p80
HTTP CRITICAL - string not found|time=0.162494s;;;0.000000 size=2817B;;;0
./check_http -H http://www.website.com -s "STRING" -f -I IPADDR -u "/index.cfm" -p 80
HTTP OK HTTP/1.1 200 OK - 0.199 second response time |time=0.198806s;;;0.000000 size=1406B;;;0
Thanks,
Andy
Website Wizard Content Check Failure
Re: Website Wizard Content Check Failure
We will take a look at this, thank you for bringing this to our attention.
Re: Website Wizard Content Check Failure
I have more information on this. It is not that the content check doesn't work, it is that a Web Application Firewall (dotDefender) is blocking the request. The reason why is that the request is malformed. It is a correct statement that the "-u" should not include the full URI, just the path, as the request ends up looking as such (Note the dotDefender line under the User-Agent):
GET http://www.server.com/index.cfm HTTP/1.0
Connection: close
Host: http://www.server.com
User-Agent: check_http/v2053 (nagios-plugins 1.4.13)
X-dotDefender-first-line: GET http://www.server.com/ HTTP/1.0
The request should be:
GET /index.cfm HTTP/1.0
Connection: close
Host: http://www.server.com
User-Agent: check_http/v2053 (nagios-plugins 1.4.13)
If a server does not have dotDefender installed, the content check technically does work, but dotDefender sees the full URI in the GET request as an attempt to use the web server as a Proxy, and denies the request .
Date 01/13/11
Time 12:46:46
Rule Category Anti-Proxy Protection
More Info ^GET (http|https|ftp)\:/
Applied Policy Deny
IP Address 192.168.64.55
Port Number
Destination URL http://www.server.comhttp://www.server.com/index.php
Request Method GET
Site Profile Default Security Profile
Reference ID 3B08-2F71-8DCF-ED11
Severity 0
Standard (non-content checking) HTTP checks do not fail with dotDefender 3.x, because when it intercepts and denies the request, it does so with a 200 error and a page that says Denied, with a dotDefender Reference ID.
GET http://www.server.com/index.cfm HTTP/1.0
Connection: close
Host: http://www.server.com
User-Agent: check_http/v2053 (nagios-plugins 1.4.13)
X-dotDefender-first-line: GET http://www.server.com/ HTTP/1.0
The request should be:
GET /index.cfm HTTP/1.0
Connection: close
Host: http://www.server.com
User-Agent: check_http/v2053 (nagios-plugins 1.4.13)
If a server does not have dotDefender installed, the content check technically does work, but dotDefender sees the full URI in the GET request as an attempt to use the web server as a Proxy, and denies the request .
Date 01/13/11
Time 12:46:46
Rule Category Anti-Proxy Protection
More Info ^GET (http|https|ftp)\:/
Applied Policy Deny
IP Address 192.168.64.55
Port Number
Destination URL http://www.server.comhttp://www.server.com/index.php
Request Method GET
Site Profile Default Security Profile
Reference ID 3B08-2F71-8DCF-ED11
Severity 0
Standard (non-content checking) HTTP checks do not fail with dotDefender 3.x, because when it intercepts and denies the request, it does so with a 200 error and a page that says Denied, with a dotDefender Reference ID.
Re: Website Wizard Content Check Failure
Thanks for posting the info on this, I think we'll add this to our FAQ for future reference.
Re: Website Wizard Content Check Failure
Will a correction be made to the code?
Thanks,
Andy
Thanks,
Andy
Re: Website Wizard Content Check Failure
Hello Andy,
for now we will be adding this to the documentation and will be added to the Wiki as well. If you wish you can request it in the bug tracker to be added as a feature in future updates.
Thanks!
for now we will be adding this to the documentation and will be added to the Wiki as well. If you wish you can request it in the bug tracker to be added as a feature in future updates.
Thanks!
Re: Website Wizard Content Check Failure
I believe the latest revision of the wizard fixes the problem with the URL/path argument. You can get it at:
http://assets.nagios.com/downloads/nagi ... ebsite.zip
Once you download it to your workstation/pc, upload it through the Nagios XI interface on the "Config Wizards" admin page.
http://assets.nagios.com/downloads/nagi ... ebsite.zip
Once you download it to your workstation/pc, upload it through the Nagios XI interface on the "Config Wizards" admin page.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Ethan Galstad
President
Ethan Galstad
President
Re: Website Wizard Content Check Failure
Works perfectly. Thanks!!
Re: Website Wizard Content Check Failure
Glad to hear it! Thanks for letting us know.