Recently one of our web servers got screwed up by accidentally disabling the PHP module.
As far as our Nagios was concerned everything was fine, because the main web page still gave back a nice 200 OK
To add insult to injury, the page that were served were unparsed PHP files, including all kinds of sensitive information such as database logins, file locations etc.
So, not good.
I came up with this check in commands.cfg
:
define command{ command_name check_unparsed_php command_line /usr/lib/nagios/plugins/check_http -I $HOSTADDRESS$ -H $ARG1$ -u $ARG2$ --invert-regex -r '^\s*<\?(php)?\s+' }
Then use this check for pages on your web server that you know should parse PHP. The arguments are the vhost name, and the URL:
define service use generic-service ; Name of service template to use host_name cajones service_description PHP parsing on www.tienhuis.nl is_volatile 0 normal_check_interval 30 retry_check_interval 1 contact_groups server-admins notification_interval 60 notification_period 24x7 notification_options w,u,c,r check_command check_unparsed_php!www.tienhuis.nl!/~visser.p.php }