Monitoring your websites

Monitoring whether your websites are available and everything is up and running is really useful. Getting an alert when there is an issue means you can be ready to take the necessary steps to resolve the problem.
You can check whether your site is available all around the world and whether all the services like MySQL, FTP, DNS or REST API are up and running on the server (e.g. with site24/7 or Alerta).

There are plenty of tools to use for monitoring purposes. A good number of them are free and you don’t even have to register to use them, which is really nice and convenient. However, these free solutions might hide a huge security risk, so checking the service with your sysadmin and/or hosting provider is a must before using it.

The Security aspect

If there is a firewall in front of the server, these monitoring tools might give false warnings that your sites are unavailable even though the website is up and running when you check it. This means that the firewall is blocking the IP address of the monitoring service.

Well then, let’s whitelist the IP addresses! Right?
Not really.

Whitelisting these website checking and monitoring solutions could resolve this issue, but it would create a huge gap in the server’s defenses if done without evaluating the security risks. Requests from a whitelisted IP bypass the firewall, so if the monitoring or site checking solution is not secure, almost any request or scan can be launched from it.

On the screenshot above you can see that this checking solution simply accepted the parameters I added. There is no need for registration or even solving a captcha, and all this can be done by a bot too. The site checker can also be used to scan popular ports to see if they are open, thus exposing services running on the server. For example, check-host.net and Uptrends’ free demo also allow parameters in the URL field.

Conclusion

Make sure the whitelisted monitoring service cannot be used to harm your server or your websites or to expose sensitive information about your server. We only recommend the whitelisting of a monitoring service if you are certain that the monitoring solution you wish to use cannot be exploited by hackers.

Indicators of a secure monitoring tool:

  • The global number of requests sent out to an IP address is restricted, so the whitelisted service cannot be used to overload your server.
  • Requests sent out are restricted in their content, so possible attackers cannot pass malicious parameters via the input field.
  • Anti-robot user validation (e.g. captcha, registration) is required to use the tool, so hackers cannot exploit the service with a bot or bot network.
  • You need to be sure that the service’s servers are secure and not infected, as an infected server’s IP address is a big security hazard. If a monthly subscription is required then that should be a good indicator of the servers being secure.
  • Installing a monitoring solution directly on the server lets you check the status of the main services and of the server itself while also checking whether your sites are available. A great example of that is cula.io. You can generate a script with cula.io that can monitor the required services and you can also add URLs that you wish to check.
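
If you do whitelist a monitoring service, you can audit your own access log to confirm that its IP addresses only send the checks you configured. The following Python script is an added example, not part of the original article or of any monitoring product; it flags whitelisted requests with unexpected methods, paths, query parameters or request rates. The IP addresses, expected paths, rate limit and log lines are constructed assumptions, and the common/combined access log format is assumed.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import urlsplit

# Assumptions, constructed for this example: the whitelisted monitor addresses,
# the URLs the monitor was configured to fetch, and its per-minute budget.
MONITOR_IPS = {"198.51.100.10", "198.51.100.11"}
EXPECTED_PATHS = {"/", "/health"}
MAX_PER_MINUTE = 4

# Common/combined access log format: ip - - [timestamp] "METHOD target PROTO" ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"')

def audit(lines):
    """Return (ip, reason, detail) for whitelisted traffic that is not a plain check."""
    findings, per_minute = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["ip"] not in MONITOR_IPS:
            continue  # only traffic that bypasses the firewall is audited here
        url = urlsplit(m["target"])
        if m["method"] not in ("GET", "HEAD"):
            findings.append((m["ip"], "unexpected-method", m["method"]))
        if url.path not in EXPECTED_PATHS:
            findings.append((m["ip"], "unexpected-path", url.path))
        if url.query:  # the configured checks carry no parameters
            findings.append((m["ip"], "query-string", url.query))
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        per_minute[(m["ip"], ts.strftime("%Y-%m-%dT%H:%M"))] += 1
    for (ip, minute), count in sorted(per_minute.items()):
        if count > MAX_PER_MINUTE:
            findings.append((ip, "rate-exceeded", f"{count} requests in {minute}"))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.10 - - [12/Mar/2024:10:00:01 +0000] "GET /health HTTP/1.1" 200 2',
    '198.51.100.11 - - [12/Mar/2024:10:01:30 +0000] "GET /?page=2&sort=asc HTTP/1.1" 200 512',
    '198.51.100.11 - - [12/Mar/2024:10:01:31 +0000] "POST /admin/ HTTP/1.1" 403 0',
    '203.0.113.5 - - [12/Mar/2024:10:01:32 +0000] "GET /admin/ HTTP/1.1" 403 0',
] + [f'198.51.100.10 - - [12/Mar/2024:10:05:{s:02d} +0000] "GET / HTTP/1.1" 200 100'
     for s in range(6)]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(*finding, sep="\t")
```

Any finding for a whitelisted address is a reason to revisit the whitelist entry, since that traffic was never inspected by the firewall.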