[Solved] HTTPS vhost - after forcing redirect

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
Sentenced
Posts: 3
Joined: Mon Apr 08, 2013 12:20 pm

[Solved] HTTPS vhost - after forcing redirect

Post by Sentenced »

Hi,

I have an issue with one of my checks. Basically I'm trying to monitor a HTTPS vhost. Initial setup was fine, for both HTTP and HTTPS.
The issue occur when I deployed the site live. Because the client wishes to force HTTPS, I'm getting the following:


The response from HTTPS vhost:

Code: Select all

root@hera:/usr/local/nagios/libexec# ./check_http -I 10.123.45.67 -H domain.com -S
HTTP WARNING: HTTP/1.1 403 Forbidden - 7472 bytes in 0.101 second response time |time=0.100901s;;;0.000000 size=7472B;;;0
The response from HTTP vhost:

Code: Select all

root@hera:/usr/local/nagios/libexec# ./check_http -I 10.123.45.67 -H domain.com   
HTTP OK: HTTP/1.1 301 Moved Permanently - 463 bytes in 0.002 second response time |time=0.002416s;;;0.000000 size=463B;;;0
If I put -v I get the page, but the Apache response is still 403.

This are my vhosts on the live server:

Code: Select all

<VirtualHost *:80>
       ServerName domain.com
       ServerAlias www.domain.com

       Redirect permanent / https://www.domain.com/

        ErrorLog ${APACHE_LOG_DIR}/domain-error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/domain.log combined

</VirtualHost>
The webpage is working fine on the browser. I have test it from my IP and from external IP's to double check.

Thank you.
Last edited by Sentenced on Fri May 31, 2013 3:26 am, edited 1 time in total.
sreinhardt
-fno-stack-protector
Posts: 4366
Joined: Mon Nov 19, 2012 12:10 pm

Re: HTTPS vhost - after forcing redirect

Post by sreinhardt »

The 301, makes sense as this is a redirect and the check_http does not follow them. The 403 however is a bit more interesting. Just to verify, going to domain.com works fine with no other URI specified. Also it does not need a subdomain like www.domain.com?
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Sentenced
Posts: 3
Joined: Mon Apr 08, 2013 12:20 pm

Re: HTTPS vhost - after forcing redirect

Post by Sentenced »

Hi, thank you for the reply.

To confirm, going to domain.com works fine.
It will redirect by default to https://www.domain.com

One more thing that I forgot to mention is that I have forbidden directory traversal in Apache (-Indexes).

Thank you.
sreinhardt
-fno-stack-protector
Posts: 4366
Joined: Mon Nov 19, 2012 12:10 pm

Re: HTTPS vhost - after forcing redirect

Post by sreinhardt »

What about if you specify index.(php\html\cgi), or whatever the normal landing page is aside from just domain.com with the -u parameter. It seems that with indexing disabled check_http and apache are fighting. Specifically apache saying, that doesn't exist and I wouldn't let you go there anyway, and check_http not redirecting even if apache was trying.
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Sentenced
Posts: 3
Joined: Mon Apr 08, 2013 12:20 pm

Re: HTTPS vhost - after forcing redirect

Post by Sentenced »

Thank you., That solved my issue :)

root@hera:/usr/local/nagios/libexec$ ./check_http -I 12.34.56.78 -H -u domain.com -S
HTTP OK: HTTP/1.1 200 OK - 881 bytes in 0.014 second response time |time=0.014401s;;;0.000000 size=881B;;;0

Have a great day! Thanks again. :D
Locked