Header Shadow Image


Linux: Enable extended httpd status reports in Apache through service: fullstatus

Apache HTTPD is the most popular web server to date.  It's extensible and configurable to meet various needs both small and big.  Here we'll focus on extending it's reporting functionality by enabling full status capability to see more granularity in status reports.  As you probably know, the service on Red Hat Linux systems can be controlled with the service command like this:

  • service httpd restart
  • service httpd stop
  • service httpd start
  • service httpd status (tells if the process is running and reports the PID of the process: nothing else useful is reported)

The configuration httpd parameter above actually refers to a script and can be viewed by editing the file /etc/init.d/httpd using vi, pico, nano or other CLI editors to look up other parameters httpd can be given (ie stop, start, restart, status etc as above).  One of the commands of interest is fullstatus which does not yet come configured out of the box.  Here are the steps to enable it:

  • cat /etc/httpd/conf/httpd.conf|egrep "Location.*\-status"
    # <Location /server-status>
    (Checks if fullstatus has not already been enabled.  A pound (#) before Location above indicates it is disabled)
  • service httpd fullstatus (or apachectl fullstatus )
    Forbidden

     

    You don't have permission to access /server-status on this server.
    .
    .
    (If error is thrown, as above fullstatus has not been enabled)

  • rpm -aq|grep elinks
    elinks-0.12-0.6.pre2.fc10.i386
    (Checks if elinks is installed.  Do this before installing elinks.)
  • yum install elinks
    (IF elinks is NOT installed)
  • rpm -aq|grep elinks
    elinks-0.12-0.6.pre2.fc10.i386
    (To verify installation worked)
  • vi /etc/httpd/conf/httpd.conf
    (Or use pico or nano if you are not comfortable with vi.)
  • Find and uncomment the line ExtendedStatus On (Remove # from start of line)
  • Find and uncomment the following directives.  Change configuration

    From

    #<Location /server-status>
    #   SetHandler server-status
    #    Order deny,allow
    #    Deny from all
    #    Allow from example.com
    #</Location>

    To

    <Location /server-status>
        SetHandler server-status
        Order deny,allow
        Deny from all
        Allow from localhost 127.0.0.1
    </Location>

  • Save the configuration file and exit (In vi type :wq )
  • service httpd restart
    (Restart the httpd service)
  • service httpd fullstatus (or apachectl fullstatus)

The last command should print output similar to the below:

 

                       Apache Server Status for localhost

   Server Version: Apache/2.2.10 (Unix) DAV/2 PHP/5.2.6 Apache/2.2.0 (Fedora)
   mod_perl/2.0.4 Perl/v5.10.0

   Server Built: Oct 21 2008 07:51:36

   --------------------------------------------------------------------------

   Current Time: Wednesday, 14-Jan-2009 01:15:24 EST

   Restart Time: Tuesday, 13-Jan-2009 09:57:34 EST

   Parent Server Generation: 0

   Server uptime: 15 hours 17 minutes 50 seconds

   Total accesses: 13 - Total Traffic: 14 kB

   CPU Usage: u.71 s.09 cu0 cs0 - .00145% CPU load

   .000236 requests/sec - 0 B/second - 1102 B/request

   1 requests currently being processed, 7 idle workers

 ______W_........................................................
 ................................................................
 ................................................................
 ................................................................

   Scoreboard Key:
   "_" Waiting for Connection, "S" Starting up, "R" Reading Request,
   "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup,
   "C" Closing connection, "L" Logging, "G" Gracefully finishing,
   "I" Idle cleanup of worker, "." Open slot with no current process

Srv PID   Acc  M CPU   SS   Req Conn Child Slot    Client       VHost           Request
0-0 2465 0/2/2 _ 0.43 26995 74  0.0  0.00  0.00 24.102.58.189 127.0.0.1 GET /nonexistenshit
                                                                        HTTP/1.1
1-0 2468 0/2/2 _ 0.00 26995 1   0.0  0.01  0.01 24.102.58.189 127.0.0.1 GET /mail/bin/msgimport
                                                                        HTTP/1.1
2-0 2471 0/2/2 _ 0.00 26994 1   0.0  0.00  0.00 24.102.58.189 127.0.0.1 GET /bin/msgimport
                                                                        HTTP/1.1
3-0 2474 0/2/2 _ 0.37 26994 1   0.0  0.00  0.00 24.102.58.189 127.0.0.1 GET /rc/bin/msgimport
                                                                        HTTP/1.1
                                                                        GET
4-0 2476 0/2/2 _ 0.00 26994 1   0.0  0.00  0.00 24.102.58.189 127.0.0.1 /roundcube/bin/msgimport
                                                                        HTTP/1.1
                                                                        GET
5-0 2478 0/2/2 _ 0.00 26993 1   0.0  0.00  0.00 24.102.58.189 127.0.0.1 /webmail/bin/msgimport
                                                                        HTTP/1.1
6-0 2480 0/1/1 W 0.00 0     0   0.0  0.00  0.00 127.0.0.1     127.0.0.1 GET /server-status
                                                                        HTTP/1.1

   --------------------------------------------------------------------------

    Srv  Child Server number - generation
    PID  OS process ID
    Acc  Number of accesses this connection / this child / this slot
     M   Mode of operation
    CPU  CPU usage, number of seconds
    SS   Seconds since beginning of most recent request
    Req  Milliseconds required to process most recent request
   Conn  Kilobytes transferred this connection
   Child Megabytes transferred this child
   Slot  Total megabytes transferred this slot

   --------------------------------------------------------------------------

    Apache/2.2.0 (Fedora) Server at localhost Port 80

In the above case it caught the popular nonexistenshit scan attempt discussed earlier in Security: Round cube webmail scans spreading on the web: roundcube, msgimport, nonexistenshit and webmail

Cheers!


     
  Copyright © 2003 - 2013 Tom Kacperski (microdevsys.com). All rights reserved.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License