New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
HetrixTools custom header or basic auth
Today I looked for a feature in HetrixTools that I was sure was there...but I couldn't find it. Maybe I just took it for granted from my experience with similar services, but I need to check websites that require some sort of authentication.
I have two use cases on my hands now, and I'd like to know whether HetrixTools can satisfy them or I need to look elsewhere.
- A website is behind a CDN, and I'd like to put the origin under monitoring. The origin is configured to only serve content if a certain custom header is present in the request, so that it cannot be accessed directly bypassing the CDN.
- Another website has two versions: a live version which is publicly accessible, and a preview version where a certain team experiments and develops new content. The preview version is essential to day-to-day work (hence the need to monitor it) but is not publicly accessible: those who use it currently authenticate themselves with basic auth. I could also use a custom header here as an alternative to the basic auth.
Are those features there or on the roadmap @HBAndrei?
Thanked by 1cainyxues
Comments
Not the most ideal, but I guess you could either authenticate with GET parameters (e.g. create a specific query params similar to what you would do with an header authentication), or just accept the 40X response as 'up'
Mine have feature to check monitor that authenticated using basic auth or you can set custom header. Sometimes I give free giveaway too in this forum.
currently it gives a 503...not too great for a monitoring service
I thought I'd seen this feature too and am surprised it's not supported. Did you try using the basic auth URL format? (Assuming the site is using HTTP basic auth)
https://{username}:{password}@example.comHi thanks for the suggestions...GET params is not acceptable and without auth there's a fixed response and the component I need to monitor is not even engaged.
Grafana synthethic monitoring will do the trick for you. I do a lot of API checks against $work + own infra using it, it picks up errors rather quickly and will log the response returned.
also isn't it just easier to have an [secret] endpoint for HT health check?
You do some front-end checks and if all working returns 200, if not return 500 - it will be picked up by HT and you can do some crazy health checks in one place
cleared cloudflare cache after a little misconfiguration in landing page. but app is working normally.
Thanks for the suggestion. I tried but it's not accepted, maybe due to special characters in the password. Even when urlencoded, I get Invalid website link. Please try again.
Hetrixtools support team is very techy, you may open ticket with them. They will definitely guide
Thanks for the suggestion. I signed up for Grafana Cloud and it's very complicated, while also probably very powerful. I created a couple of synthetic monitors and checking once per minute translates to 267840 executions / month, which apparently is already above the free tier limit of 100k synthetics test executions. At $5 per 10k test executions, it can get expensive pretty quickly.
I don't know if my above calculations are correct, however I'm looking to spend between free and 100$ per year.
Here's from HetrixTools support:
I've started a trial with BetterStack, as they allow sending custom headers and basic auth.
Adding to my own old thread: I now need to set up monitoring for endpoints that require mTLS. Of the services I know, this seems to be supported only by Grafana Cloud, or AWS CloudWatch Synthetic Canaries.
So, to sum it up:
I think I should add the well-known:
First of all you missed the best answer you got here, the one from @JabJab : https://lowendtalk.com/discussion/comment/4366706/#Comment_4366706 (that's also what I'm doing since 6 years, setup works flawlessly w/ hetrixtools all the time).
Second, you may do that as well with Grafana in a self-hosted fashion: doing an internal monitoring on your dev and staging node that is pushing out the data to a self-hosted Grafana board.
Collect health data internally on the node, sent it out via collectd/stats with graphite or use prometheus etc. and setup a Grafana board to show the data.
I don't get at all why you rather want to spend $$$ on any of those commercial/enterprise providers while getting better data and scalability in doing it yourself.
I think uptime.com has what you are asking for.
See: https://support.uptime.com/hc/en-us/articles/5608610773404-API-Check-Commands-Variables-and-Validators#authentication-settings
Thanks for the suggestions. They are valid, but in my case this time I'm looking at an externally hosted, easy to use solution for the following reasons:
@simlev ok, those are valid concerns/constraints based on your companies/projects structure (and for that, the company has to use the money to pay for an external service).
Just one hint: don't use uptimerobot for anything serious or start first by monitoring the uptimerobot itself. I would not want to use that provider for anything important...
Suprised no one mention that hetrix has there IPs public. https://docs.hetrixtools.com/uptime-monitoring-ip-addresses/
Just only allow hetrix ips with basic auth or a secret endpoint. Since your behind a cdn you need to trust the cdn isn't vulnerable to ip spoofing or some ip forwarding headers trickery.
Uh-oh, I didn't know uptimerobot had a less than spotless reputation. I've only used it a little long ago, but then switched to Hetrixtools for all my personal projects and never looked back.
Maybe I should also give @faleddo's SweetUptime a spin. It does include a generous free tier to try it out. Anyone here wants to share their experience with it?