8

I'm setting up monit on a new site, which I'll refer to as mywebsite.com during this question. I've set up the config to access monit's web interface page, but I can't connect to it. I've got a basic firewall running with iptables, and I think I've made a hole for monit, but I can't connect to monit's web interface, and I don't know why.

I haven't set up anything to monitor yet: my monit config looks like this:

## Start monit in the background (run as a daemon):
set daemon  120           # check services at 2-minute intervals

set httpd port 2812 and
  use address mywebsite.com  
  allow localhost      
  allow admin:password

I've restarted monit with these rules.

I've made a rule for monit in my iptables config, which looks like this:

#monit interface
-A OUTPUT -p tcp --dport 2812 -j ACCEPT
-A INPUT -p tcp --dport 2812 -j ACCEPT

I've then imported these rules into /sbin/iptables-restore. I can see the monit entry when I do sudo /sbin/iptables -L:

...
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:2812 
...

But, when I go to http://mywebsite.com:2812 i get Error code: ERR_EMPTY_RESPONSE in the browser.

Any ideas, anyone? I don't even know if the problem is anything to do with iptables. Thanks in advance, Max

EDIT: I tried changing the 'localhost' line in the monit config thus:

set httpd port 2812 and
  use address mywebsite.com  
  allow mywebsite.com      
  allow admin:password

but it didn't make any difference.

mauliksompura
  • 105
  • 5
Max Williams
  • 237
  • 1
  • 3
  • 14

1 Answers1

16

To access Monit from outside nerwork, just set :

For no athentication and access from everywhere :

set httpd port 2812

For access from everywhere with authentication :

set httpd port 2812
   allow <auth_user>:<auth_password>

In your case, remove the and at the end of the line set httpd port 2812 and

Note: If you are testing the setup with password set as "password" you will receive this error:

Error: syntax error 'password'
radtek
  • 405
  • 4
  • 6
krisFR
  • 12,830
  • 3
  • 31
  • 40
  • 1
    that's worked - thanks! The "and" part came from this site - http://www.tecmint.com/how-to-install-and-setup-monit-linux-process-and-services-monitoring-program/ - is that perhaps left over from an older version of monit, that had a different config syntax? – Max Williams Jan 02 '14 at 14:01
  • 1
    No, that is because in this tutorial they always deal with localhost. They don't explain how to access from outside localhost (look at the url in their print-screen) – krisFR Jan 02 '14 at 14:15
  • This helped me a ton and I love monit – Cesar Bielich Feb 05 '17 at 23:00
  • I suspect you have to specify at least one between the `allow` and `credentials` directives. See https://serverfault.com/a/900823/459872 – Davide Cavestro Mar 09 '18 at 09:17
  • just setting httpd port 2812 without allow does not work anymore. monit: monit httpd not started since no connections are allowed – sgohl Jan 02 '19 at 18:25
  • If you have a firewall, dont forget to add an exception for that port. I had to run `ufw allow 2812` in order to get it working. after having the first line `set httpd port 2812 and` and the second line was `allow username:password` – KingsInnerSoul Jan 18 '21 at 22:28