One of the many cool things LogicMonitor can do is auto-discover your Apache web server and collect server statistics on it. This requires that the server have the mod_status module enabled, and that the LogicMonitor agent have access to the server-status page.

Normally, this is controlled by a Location block in the Apache server configuration, which associates the server-status handler with the URL path. Since you probably don’t want to let the world know exactly what your server’s doing, the block also defines which hostnames or IP addresses are allowed to get access to it.


<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost 127.0.0.1
</Location>

This week’s lesson is that, once you’ve allowed your LogicMonitor agent access to the server-status page, it is very important that you don’t accidentally remove that access. Use a specific Allow line for the monitoring agent with its IP address (or a network if you have several monitoring agents) and make sure it’s labelled. Don’t let monitoring just be included in some other anonymous network or domain catch-all which might be accidentally removed.

Honest, it was an accident. :)


<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost 127.0.0.1

# core servers
Allow from .int.blippo.net 10.0.0.32/28

# monitoring, do not remove!
Allow from 10.0.0.42
</Location>

Another important note is that the LogicMonitor agent will not follow redirects. So if your server normally redirects all requests, or rewrites URL paths to a page generator, exclude the server-status page from being so modified. If you’re using mod_rewrite


RewriteEngine on
RewriteRule ^/server-status - [L]
...