We’ve started to host websites on AWS, we want to monitor using NagiosXI, but we got some odd results when first attempting to. The web application has no “index.html” page, which is one cause of the 403 forbidden error. However we were getting the same thing even when specifying the correct path. <\/p>\n\n\n\n
It turns out there are a few things at play here, one I mention in https:\/\/geekmungus.co.uk\/?p=1289<\/a> this relates to the SNI which can be required when there are multiple sites (with different SSL Certificates) hosted on the same IP:Port which is the case with an ALB or any load balancer to a certain extent. The other key thing is that your NagiosXI poll must look like a normal request, or the load balancer won’t interpret it correctly.<\/p>\n\n\n\n In our case however it was the WAF that was the problem, it was seeing the request as a BOT because the Nagios request did not provide a UserAgent string! To resolve this you’d do something like:<\/p>\n\n\n\n Adding in an valid UserAgent string solved the issue.<\/p>\n","protected":false},"excerpt":{"rendered":" We’ve started to host websites on AWS, we want to monitor using NagiosXI, but we got some odd results when first attempting to. The web application has no “index.html” page, which is one cause of the 403 forbidden error. However we were getting the same thing even when specifying the correct path. It turns out … Read more<\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,16],"tags":[],"class_list":["post-3728","post","type-post","status-publish","format-standard","hentry","category-cloud","category-nagios-and-nagiosxi"],"_links":{"self":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/3728","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3728"}],"version-history":[{"count":2,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/3728\/revisions"}],"predecessor-version":[{"id":3730,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/3728\/revisions\/3730"}],"wp:attachment":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3728"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3728"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}.\/check_http -H www.mysite.com --sni --hostname=www.mysite.com -u \/ --useragent=\"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko\/20100101 Firefox\/112.0\" -f follow -S\r\nHTTP OK: HTTP\/1.1 200 OK - 7589 bytes in 0.088 second response time |time=0.088117s;;;0.000000 size=7589B;;;0\r\n<\/code><\/pre>\n\n\n\n