Nagios Support Forum

Hi,

We are running Nagios XI in a very strict and secure environment. All network traffic is monitored by a proxy. Policy is block until allowed. Netadmin is reporting blocked traffic to a website http://www.bin-co.com/php/scripts/load.

Netadmin is not happy:

- Call is over HTTP instead off HTTPS
- Why do we need this call

Martin
Truston

We have a function inside XI called load_url() which is what we use to load external data via APIs and sometimes to make calls to the XI server from inside the php in various areas. The User-Agent section of the headers is sent with that URL in them. Since the URL is dead you can't see what it was, but it was a page that explained the script that we use to load external URLs.

Due to the site being gone I have removed the link from the User-Agent header for future versions of XI.

Thank you for sharing.

The Nagios XI version installed: 5.4.13

Is there a possibility for us to modify the scripts. I did a search on our Nagios Server to find the string ' http://www.bin-co.com/php/scripts/load' and found that ''User-Agent' => 'BinGet/1.00.A (http://www.bin-co.com/php/scripts/load/)'' is used in:

nagios/libexec/check_nagioslogserver.php
nagios/libexec/check_nagiosxiserver.php
nagiosxi/html/includes/configwizards/nagioslogserver/plugins/check_nagioslogserver.php
nagiosxi/html/includes/configwizards/nagiosxiserver/plugins/check_nagiosxiserver.php
nagiosxi/html/includes/utilsx.inc.php
nrdp/clients/send_nrdp.php

I think that in our situation nrdp/clients/send_nrdp.php is the problem. Because the blocking on the web proxy started after activating the upload (NRDP) to our central Nagios Server. (passive monitoring).

Ed
Truston

Yes you can change the User-Agent section on any of those and it will not affect the product. We updated it in XI 5.5.3 but things like the send_nrdp script won't be upgrade right away unless you do it manually.