...
As far as our Nagios was concerned everything was fine, because the main web page still gave back a nice 200 OK 
To add insult to injury to insult, the page that were served were unparsed PHP files, including all kinds of sensitive information such as database logins, file locations etc.
...
I came up with this check in commands.cfg (note that there are separate checks for HTTP and HTTPS):
| Code Block | ||||
|---|---|---|---|---|
| ||||
define command{ command_name check_unparsed_php_http command_line /usr/lib/nagios/plugins/check_http -I $HOSTADDRESS$ -H $ARG1$ -u $ARG2$ --invert-regex -r '^\s*<\?(php)?\s+' } define command{ command_name check_unparsed_php_https command_line /usr/lib/nagios/plugins/check_http -I $HOSTADDRESS$ --ssl -H $ARG1$ -u $ARG2$ --invert-regex -r '^\s*<\?(php)?\s+' } |
Then use this check for pages on your web server that you know should parse PHP. The arguments are the vhost name, and the URL:
| Code Block | ||||
|---|---|---|---|---|
| ||||
define service
use generic-service ; Name of service template to use
host_name cajones
service_description PHP parsing on www.tienhuis.nl
is_volatile 0
normal_check_interval 30
retry_check_interval 1
contact_groups server-admins
notification_interval 60
notification_period 24x7
notification_options w,u,c,r
check_command check_unparsed_php_http!www.tienhuis.nl!/~visser.p.php
} |
...