HTTP 1.1 monitoring in F5

If you need to add a health check to monitor http 1.1 page, then you can use the following steps:

To prevent the monitor from incorrectly marking the server down, modify the health monitor Send String to send an HTTP 1.1 request by specifying the HTTP version, the required Host header, and the Connection: close header. 

Note: HTTP/1.1 requires the Host header to be present in the request but does not require the header to contain a value. If you do not have a specific host name on your server, a value of Host: <space> suffices in most cases. A null value is valid unless the HTTP server requires them for virtual hosting.

For example:

Your existing monitor requests the default document in the root directory by sending the following Send String:

GET /

To send an HTTP 1.1 compliant request, modify the existing Send String to appear similar to one of the following examples, depending on your version:

10.2.0 and later

GET / HTTP/1.1\r\nHost: host.domain.com\r\nConnection: Close\r\n\r\n

or

GET / HTTP/1.1\r\nHost: \r\nConnection: Close\r\n\r\n

9.4.x, 9.6.x, 10.0.x and 10.1.x

GET / HTTP/1.1\r\nHost: host.domain.com\r\nConnection: Close

or

GET / HTTP/1.1\r\nHost: \r\nConnection: Close

9.2.x and 9.3.x

GET / HTTP/1.1\r\nHost: host.domain.com\r\nConnection: Close\r\n

or

GET / HTTP/1.1\r\nHost: \r\nConnection: Close\r\n

9.0.x and 9.1.x

GET / HTTP/1.1\nHost: host.domain.com\nConnection: Close\n

or

GET / HTTP/1.1\nHost: \nConnection: Close\n

4.x

GET / HTTP/1.1\nHost: host.domain.com\nConnection: Close\n

or

GET / HTTP/1.1\nHost: \nConnection: Close\n

Original instruction located at http://support.f5.com/kb/en-us/solutions/public/3000/200/sol3224.html

 

Apache not processing php in suse

If you have php installed on your suse os, but apache is not processing php page, then the following might help solve your problem:

1. edit /etc/sysconfig/apache2, on "APACHE_MODULES=" add "mod_php5"

2. Edit /etc/apache2/sysconfig.d/loadmodule.conf

Add this line for 32 bit OS
LoadModule php5_module /usr/lib/apache2/mod_php5.so

Add this line for 64 bit OS
LoadModule php5_module /usr/lib64/apache2/mod_php5.so


3. run these command
 /etc/init.d/apache2 stop
 /etc/init.d/apache2 start

/usr/sbin/httpd: symbol lookup error: /usr/sbin/httpd: undefined symbol: apr_array_clear

problem:

/usr/sbin/httpd: symbol lookup error: /usr/sbin/httpd: undefined symbol: apr_array_clear

solution:

update apr and apr-util

in redhat, run

yum update apr apr-util

IP restriction in apache

You can use apache mod_rewrite to restrict access to your site.

For example, you can use the following code to restrict /images on your site to only allow ip address of 10.1.1.1. Any other ip will get a 403 forbidden error:

 RewriteEngine On
 RewriteCond %{REMOTE_HOST} !^10\.1\.1\.1$
 RewriteRule ^/images/ - [F]

If you need to allow an entire subnet such as 10.1.1.1 - 255, then you can use this:

 RewriteEngine On
 RewriteCond %{REMOTE_HOST} !^10\.1\.1\.(.*)$
 RewriteRule ^/images/ - [F]

If you need to allow a specific range such as 10.1.1.135-159, then you can use this:

 RewriteEngine On
 RewriteCond %{REMOTE_HOST} !^10\.1\.1\.13[5-9]$
 RewriteCond %{REMOTE_HOST} !^10\.1\.1\.1[4-5][0-9]$
 RewriteRule ^/images/ - [F]



If you are using load balancer, then you can replace %{REMOTE_HOST} with %{HTTP:X-FORWARDED-FOR} such as

 RewriteEngine On
 RewriteCond %{HTTP:X-FORWARDED-FOR} !^10\.1\.1\.1$
 RewriteRule ^/images/ - [F]

Nagios Apache Audit

Nagios Web Interface shows a lot of info about the hosts and services, but it 's not easy audit the change that were made to it such as who made a change?

The following script grab the apache log for all the changes that were made in nagios for that particular day.

(You can download the script here: nagios_apache_audit.pl)



#!/usr/bin/perl

@months = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);
@weekDays = qw(Sun Mon Tue Wed Thu Fri Sat Sun);
($second, $minute, $hour, $dayOfMonth, $month, $yearOffset, $dayOfWeek, $dayOfYear, $daylightSavings) = localtime();
$year = 1900 + $yearOffset;
#$theTime = "$hour:$minute:$second, $weekDays[$dayOfWeek] $months[$month] $dayOfMonth, $year";
#print $theTime;

my $today="$dayOfMonth/$months[$month]/$year";

#print $today . "\n";

open FILE, "/var/log/httpd/access_log" or die "cannot open apache log $!";

my @lines=<FILE>;

print "\n<BR>---------------------------------------------------\n<BR>";
print "The following changes were made to nagios:\n<BR>";
print "---------------------------------------------------\n\n<BR><BR>";



foreach $line (@lines)
{
if($line=~m/$today/ && $line=~m/POST/ && $line=~m/cmd.cgi\?cmd_typ=/)
{

print $line . "<BR>";

}
}