March 1, 2017 at 09:36How to check availability of a database by an external service
Many entry-level and mid-level commercial sites often come across a variety of database problems. Such projects are unlikely to have their own database administrator, while other employees cannot or simply do not have time for really high-quality settings for cleaning, replication, backups and other mandatory procedures. And even less often, it succeeds in time to control all this and take the necessary measures. What to do? One solution is offered by the HostTracker monitoring service .
You enter the address of your database and login / password to connect to the form. If we limit ourselves to this, only the ability to connect to the site will be checked. But you can also write a specific request, for execution with a regular check. The result can be considered, at choice, the number of rows affected by the query (for example, the result of the query SELECT COUNT (*) or DELETE), or the result of the first cell in the first row. Thus, you can control everything that is done in the database, if desired. It is also possible to compare this value with some reference, and provide for a certain logic. For example, to sound an alarm if the reference value is exceeded, differs from the set value or crawls out of a certain framework.
The result of such checks is quite understandable and obvious statistics. For example, below are the results of monitoring the volume of the database, with the established limit of 25 GB. As you can see, the volume grows linearly - either cleaning is not performed, or maybe such growth is the normal order of things. On some day, the set volume was exceeded, and the client received a notification, but so far no visible action has been taken. Alternatively, it could be a “guard” against sudden volume jumps, but in this case the task should be edited and the critical value increased so that it would continue to perform such a function.
In addition, the graph shows that the statistics retain the time for determining DNS, connecting, and actually executing the request. If the request suddenly starts to run longer than usual - this is also easy to see in the statistics of the HostTracker .
The security problem really exists: the username and password from your database is with us. But following simple rules can prevent potential troubles. Firstly, we recommend setting up a firewall by allowing connections to only the two addresses indicated in the first picture. Secondly, create an account that is allowed access only to the database and table that is needed to execute the command. And just for reading, of course. Well, by constructing the queries in such a way that only the number or number of rows is returned, you can be sure that we are not receiving any other data. If you really need to, you can create a separate procedure and run only it in the request - in this case, our service will not even receive information about your database architecture and table names.
I’ll briefly mention other useful features that may be useful to people who are “responsible for everything” in small companies. Recently, it became possible to check the site’s inclusion in the lists of Roskomnadzor , as well as in various spam blockers - DNSBL lists . Well, the “hit” is a problem that killed a lot of nerves and money. This is the sudden expiration of a domain or certificate. And this, too, can be controlled additionally .
All this is being tested and improved, including thanks to customer reviews and well-wishers. Therefore, we are always happy for cooperation and constructive criticism.
What is the salt?
You enter the address of your database and login / password to connect to the form. If we limit ourselves to this, only the ability to connect to the site will be checked. But you can also write a specific request, for execution with a regular check. The result can be considered, at choice, the number of rows affected by the query (for example, the result of the query SELECT COUNT (*) or DELETE), or the result of the first cell in the first row. Thus, you can control everything that is done in the database, if desired. It is also possible to compare this value with some reference, and provide for a certain logic. For example, to sound an alarm if the reference value is exceeded, differs from the set value or crawls out of a certain framework.
The result of such checks is quite understandable and obvious statistics. For example, below are the results of monitoring the volume of the database, with the established limit of 25 GB. As you can see, the volume grows linearly - either cleaning is not performed, or maybe such growth is the normal order of things. On some day, the set volume was exceeded, and the client received a notification, but so far no visible action has been taken. Alternatively, it could be a “guard” against sudden volume jumps, but in this case the task should be edited and the critical value increased so that it would continue to perform such a function.
In addition, the graph shows that the statistics retain the time for determining DNS, connecting, and actually executing the request. If the request suddenly starts to run longer than usual - this is also easy to see in the statistics of the HostTracker .
How safe is it
The security problem really exists: the username and password from your database is with us. But following simple rules can prevent potential troubles. Firstly, we recommend setting up a firewall by allowing connections to only the two addresses indicated in the first picture. Secondly, create an account that is allowed access only to the database and table that is needed to execute the command. And just for reading, of course. Well, by constructing the queries in such a way that only the number or number of rows is returned, you can be sure that we are not receiving any other data. If you really need to, you can create a separate procedure and run only it in the request - in this case, our service will not even receive information about your database architecture and table names.
Other interesting things
I’ll briefly mention other useful features that may be useful to people who are “responsible for everything” in small companies. Recently, it became possible to check the site’s inclusion in the lists of Roskomnadzor , as well as in various spam blockers - DNSBL lists . Well, the “hit” is a problem that killed a lot of nerves and money. This is the sudden expiration of a domain or certificate. And this, too, can be controlled additionally .
All this is being tested and improved, including thanks to customer reviews and well-wishers. Therefore, we are always happy for cooperation and constructive criticism.