check_http and nosniff options

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
hbouma
Posts: 483
Joined: Tue Feb 27, 2018 9:31 am

check_http and nosniff options

Post by hbouma »

We have a security tool that is needing the nosniff option set on the URL, but as soon as that is turned on, we start getting failures from our check_http monitors to those URLs.

We have Nagios 5.7.3, and the check has worked fine forever until this nosniff option was set. Does anyone have any experience with monitoring URLs that have the nosniff option?

Results of the check as soon as the nosniff option is turned on:
HTTP CRITICAL: HTTP/1.1 500 Internal Server Error - string 'STRING' not found on 'https:/URL' - 1528 bytes in 0.138 second response time
Top
dchurch
Posts: 858
Joined: Wed Oct 07, 2020 12:46 pm
Location: Yo mama

Re: check_http and nosniff options

Post by dchurch »

This seems to me to be a bug in the remote HTTP server you're monitoring. The only reason you'd be seeing this is if the server returned a 5xx HTTP response code. Perhaps the code adding the header has a bug in it.

I'd check the following to see what's going on:
  • The HTTP server's error logs
  • The output from curl -D /dev/stdout [URL], where URL is the URL in the check_http configuration
Why the Plugin Is Returning This

The only way that the plugin could say that there was BOTH a 500 error and a missing string in the output is if the server returned a 5xx HTTP response code AND response body.

For instance, if the URL http://myhost.example.com/mypage.php returned the following:

Code: Select all

HTTP/1.1 500 Internal Server Error
Date: Fri, 16 Oct 2020 18:11:24 GMT
Server: Apache
X-Powered-By: PHP
X-Content-Type-Options: nosniff
Content-Length: 3
Connection: close
Content-Type: text/html; charset=UTF-8

<html>empty example document</html>
and your plugin was looking for STRING in the -s flag configuration, then the plugin would give an error message similar to what you're seeing:

Code: Select all

/usr/local/nagios/libexec/check_http -I myhost.example.com -S -u /mypage.php -s STRING
HTTP CRITICAL: HTTP/1.1 500 Internal Server Error - string 'STRING' not found on 'https://myhost.example.com/mypage.php' - 271 bytes in 0.110 second response time |time=0.110098s;;;0.000000 size=271B;;;0
If you didn't get an 8% raise over the course of the pandemic, you took a pay cut.

Discussion of wages is protected speech under the National Labor Relations Act, and no employer can tell you you can't disclose your pay with your fellow employees.
Top
hbouma
Posts: 483
Joined: Tue Feb 27, 2018 9:31 am

Re: check_http and nosniff options

Post by hbouma »

Thank you. My IT Security team got back to me and it was a bug in the way they were implementing the change. I appreciate the help.
Top
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:
Contact scottwilkerson

Re: check_http and nosniff options

Post by scottwilkerson »

hbouma wrote:Thank you. My IT Security team got back to me and it was a bug in the way they were implementing the change. I appreciate the help.
Great!

Locking thread
Former Nagios employee
Creator:
Human Design Website
Get Your Human Design Chart
Top
Locked

Return to “Nagios XI”