WEDOS OnLine and web monitoring

[gtranslate]

WEDOS OnLine is our service for monitoring and controlling domains, websites, servers and other services. We use it ourselves for bulk checking of all hosting services of our customers and you can see the aggregated outputs at status.wedos.hosting. She saved us a lot of trouble and time. We believe that this is one of the most interesting services in our offer. and has therefore also been given due priority.

Today, we’ll look at how you can use it to check the availability of your site, wherever you have it.

HTTP(S) availability check

This is the basic and most popular WEDOS OnLine check. It is used by 80.65% of active users and has a 58.75% share of all checks. You can check specific URLs at intervals of 1 to 45 minutes. You can create it here.

Its main goal is to determine if the URL is available and how long the response time is. The user has the option to set when to be notified of a slow response or to terminate the connection.

While 2000 ms may be a reason to mark a web page as slow, you need a much faster response for an API, for example.

TIP: Did you know that if you leave the value blank, the response rate will not be evaluated? You won’t even get warnings that the site is slow.

You can now set which server responses (status codes) are to be considered correct by this check. You can separate individual codes with a comma (200,301) and/or use a range (300-307).

Controls are carried out from several locations. First from us from Hluboká nad Vltavou, and if unavailability is detected, then verification from other locations follows. For now we have been using third party servers, but as WEDOS Global grows we will start using our own hardware around the world.

If an error occurs, you will be notified by email or other notification (Mettermost, Rocket.Chat, Slack, Pushover, Webhook). Webhooks have interesting uses, but we’ll talk about that some other time.

And what information can this check provide us with (found in the Error History)?

Datum	15.12.2022 20:59:57
Stav	pomalé
Odezva	2588 ms
Detaily	200
IP adresa	2a0e:acc0::c27

Probably the most common information that informs that the test has exceeded the “Slow” setting. I can find out when, how long the request took, what the status code was, and what IP address was checked.

This check automatically prefers IPv6 over IPv4 (if available). However, you can set up two checks. One on IPv4 and one on IPv6. Currently, unavailability over IPv6 is not a big problem, but if it becomes slower it may indicate a more complex problem.

Datum	12.12.2022 03:37:43
Stav	bez odpovědi
Detaily	Operation timed out after 10001 milliseconds with 0 bytes received
IP adresa	2a02:2b88:1:4::bc
Reverz. záznam	hc1-wd332.wedos.net

This is the second most common problem. This is a “no reply” error, where no reply has been received in a preset time. 10 seconds is set as default timeout in WEDOS OnLine (higher value cannot be set). However, if your server is under a lot of pressure, it queues requests and only drops them when the queue is full (usually 503 are returned).

The check also includes a reverse server log, which you can use to check the status of the server at status.wedos.hosting. This will tell you if the error is currently affecting only you or the entire server.

All errors on status.wedos.hosting in the last 24 hours are also logged by us in RSS in XML and JSON format.

If you don’t have services with us, the server name information will help you track down the problem, or if you communicate with customer support, you can easily tell them which server you have services on without having to search for it in the administration, which will speed up the problem resolution.

Check the trustworthiness and expiration of the certificate

This sub-check is part of the HTTP control and is optional. If you use HTTPS you should have it enabled. It will alert you when your certificate is about to expire, which is really handy. It will also warn you of any errors with the certificate. Most server administrators have an automated certificate renewal process (including us), but something can always go wrong. We have also experienced problems directly with the certification authority.

Certificates are really worth keeping an eye on, because once they are invalid, users are alerted by the browser, and quite emphatically.

Notification in case of a problem looks like this:

Název: Název mého testu
Cíl: https://www.doména.cz/index.php
Počet varování: 1

1. Blíží se expirace certifikátu - 2020-04-29 23:44 GMT

TIP: If you need to adjust the number of days when warnings start to arrive for an expiring certificate, just edit the Warning certificate: entry. Can be set from 1 to 30 days.

Check block/black sheets

Block lists (formerly blacklists) are public or private lists of problematic IP addresses or domains that are suspected of illegal or malicious behaviour. The most common are spamming, DDoS attacks, phishing or other forms of cybercrime.

These lists can then be used by server administrators, service providers, or internet service providers to restrict traffic from them. How they limit traffic is entirely up to them. They can restrict only certain ports or completely disable (discard) all requests from them.

If an IP address is on a public blacklist, it may be difficult to remove it. Some blacklists provide an option to report an error or appeal the posting (this is used if the operator writes that they have solved the problem). However, it can take days or weeks. The blacklist administrator may leave it there on purpose to make sure there is no more illegal activity.

It is important to remember that the key is to know that you are on a public blacklist, because then you can act. Your emails sent from the server can fall into spam for months, just because you are blacklisted somewhere.

WEDOS OnLine offers a check of the domain and IP address of the server to see if it is on the DNSBL (DNS Blacklist) and URIBL (Uniform Resource Identifier Blacklist).

If an IP address or domain is found on a blacklist, you will receive the following information:

Název: Moje kontrola domény domena.tld
Cíl: https://doména.cz/
Počet varování: 1

1. IP na blacklistu - AAA.BBB.C.DDD - cbl.abuseat.org - Blocked - see http://www.abuseat.org/lookup.cgi?ip=AAA.BBB.C.DDD
AAA.BBB.C.DDD - zen.spamhaus.org - https://www.spamhaus.org/query/ip/AAA.BBB.C.DDD

TIP: We try to include a link to the specific blacklist entry in the warning, where you can usually find an option to resolve the issue. However, sometimes it is necessary to ask the server administrator (hosting) to remove it directly.

DNS servers

Checking the status and health of DNS servers is the third most popular check for active WEDOS OnLine users. It is used by more than 6% of users and accounts for 7.42% of active checks. You can set it up here.

Once a domain is entered, every 1 to 45 minutes the DNS servers that are set up for the domain are checked, which decide where the domain goes, not only the content, but also, for example, emails.

TIP: If you check the box to be notified of DNS server changes, you will also be notified of DNS changes. This will alert you to possible domain theft (pointing the domain elsewhere). Also, the new DNS server may not have all the NS records correct.

DNS servers are a critical part of the Internet, so every hosting uses at least two in case of failure. At WEDOS we prefer to use 4, each in a different location and combine technologies.

This check tests not only the availability of DNS servers but also their responsiveness. Again, the first check at WEDOS DC1 in Hluboká nad Vltavou is used and in case of unavailability of verification from abroad.

As you can see, the response of each DNS is also tested. The DNS issue is more complex, but in simple terms, at least for new visitors (first access) you need to keep the response time as low as possible, because it is added to the time it takes to load the page, or whatever the visitor’s browser asks for.

Fortunately, the browser, your operating system, your router, or your ISP stores everything, so repeated queries are already cached. However, the first one, which is very important, can last. This is exactly what AnycastDNS solves, where the visitor is matched with the DNS closest to them, which is one of the features of our new decentralized network WEDOS Global.

And what do the warnings look like?

Název: XXXXX.cz
Cíl: XXXXX.cz
Počet varování: 1

1. Chybná odpověď DNS serveru
  - ns1.XXXXX.cz/AA.B.CCC.DDD: Response timeout
  - ns1.XXXXX.cz/AAAA:BBBB:CCC::DDD: Response timeout

One of the DNS servers is down. The check reports a Response timeout. His role will be taken over by the backup, so it usually doesn’t affect service. But it does require watching, especially if more of them are dropping out and for longer periods of time.

Název: XXXXXXXXXX.cz
Cíl: XXXXXXXXXX.cz
Počet varování: 1

1. Sériová čísla DNS zón se liší
  - ns2.XXXXXXXXXX.cz/AA.BBB.CCC.DDD: 2022112001
  - ns2.XXXXXXXXXX.cz/AAAA:BBBB:C:DD::EE:FFFF: 2022112001
  - YYYYYY.XXXXXXXXXX.cz/AAA.BBB.CCC.D: 2022112101
  - YYYYYY.XXXXXXXXXX.cz/AAAA:BBBB:CC::D: 2022112101

The DNS zone serial numbers differ error can occur when records are updated on one DNS server but are not transmitted to other servers that contain a copy of that zone. In this case, some DNS servers may still use the old versions of the records, while others use the new versions. This may cause problems accessing the domain or services associated with the domain.

What do blackouts look like?

DNS outages are relatively rare. DNS is a robust system, and most hosts have it fairly robust. When problems occur, it is usually due to intention (failed maintenance, DDoS attack) or the sum of multiple events. For example, a competing hosting company had this problem in early December.

Název: [Konkurence] XXXXX.cz
Cíl: XXXXXX.cz
Stav: nedostupné
Detail: 
 - ns1.XXXXXX.cz/AAA.BB.CCC.DDD: Response timeout
 - ns2.XXXXXX.cz/AAA.BB.CCC.DDD: Response timeout
 - ns3.XXXXXX.cz/AAA.BBB.CC.DDD: Socker error 203
Počet chyb: 2
Problém od: 2022-12-07 00:00:53 CET
Délka problému: 2m 16s

The “Socket error 203” error can be caused by problems with the network connection or with the configuration of the DNS servers.

Conclusion

This is just a small sample of what WEDOS OnLine can do, and you can start using it now and for free 🙂

We focused purely on checking web availability and DNS, which is a basic requirement for a normal website. If you are using email, it would require checking the appropriate NS logs and protocols, if DNSSEC, then that too, but that would make this article a smaller book 🙂