I personally set up a Virtualmin on my production server, and one of the hassles I have encountered for the past 2 years in production, are keeping all the service active and working as expected to my paid clients.
One of the solutions I had was UptimeRobot, which has a limited feature in a free version, however, still it servers it purpose. Here, I was able to monitor HTTP/HTTPS status across to my production sites.
Here is a quick screenshot from UptimeRobot Dashboard.
However, UptimeRobot free service have a limitation, these are:
- 5 minutes monitoring intervals, which means, you can set 5 minutes as the lowest monitoring interval in the free plan.
- 50 monitors entries on your account.
- No SMS (or voice calls), which it does not serve purpose on my end, considering, I monitored mostly via emails.
- 2 months of logs only.
For personal use, this service is okay at first, however, the more you discover the challenges on managing a VPS, the harder it gets to ensure you have a working hosting 24/7.
So I came across with Zabbix. If you visit their website, you have an idea what services they have, here is a quick screenshot below:
I am more interested in Server Monitoring, and it says:
Zabbix has a rich set of features to enable users to monitor more than just hosts, offering great flexibility to administrators when it comes to choosing the most suitable option for each situation.
So without any hesitation, I spin a $5 Droplet in DigitalOcean and try it out. We will see if this is worth installing. If you wish to try DigitalOcean, feel free to use my referral link below:
You will get $100 in credit over 60 days, this should be enough for you to try their service and install Zabbix.
Download and Install Zabbix
These commands can be found on their download page. In my case, I will use Ubuntu 16.04 LTS and Zabbix version 4.0 LTS. However, Zabbix also supports these OS below:
- Red Hat Enterprise Linux 8, 7, 6
- CentOS 8, 7, 6
- Oracle Linux 8, 7, 6
- Ubuntu 18.04 (Bionic), 16.04 (Xenial), 14.04 (Trusty)
- Debian 10 (Buster), 9 (Stretch), 8 (Jessie)
- SUSE Linux Enterprise Server 15, 12
- Raspbian 10 (Buster), 9 (Stretch)
Install Zabbix Repository.
sudo wget https://repo.zabbix.com/zabbix/4.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_4.0-3+xenial_all.deb sudo dpkg -i zabbix-release_4.0-3+xenial_all.deb sudo apt update
Install Zabbix Server, Zabbix Frontend, and Zabbix Agent
sudo apt install zabbix-server-mysql zabbix-frontend-php zabbix-agent
Create Initial Database
sudo mysql -uroot -p
Enter your MySQL root password. In my case, I do not have a password yet, so just press enter on your keyboard.
mysql> create database zabbix character set utf8 collate utf8_bin; mysql> grant all privileges on zabbix.* to zabbix@localhost identified by 'password!'; mysql> quit;
On Zabbix server host import initial schema and data. You will be prompted to enter your newly created password.
sudo zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix
The said command above will ask for your MySQL password you set for Zabbix. In our case, this will be ‘password!’.
Configure the database for Zabbix Server
Edit file /etc/zabbix/zabbix_server.conf with your favorite terminal editor. In my case, I will use nano.
sudo nano /etc/zabbix/zabbix_server.conf
From here, look for DBPassword, and replace the current value to your password set up earlier. For example:
### Option: DBPassword # Database password. # Comment this line if no password is used. # # Mandatory: no # Default: # DBPassword= # Edit: Password we created earlier. DBPassword=password!
Configure PHP for Zabbix Frontend.
Edit file /etc/zabbix/apache.conf, uncomment and set the right timezone for you. For example, my current timezone is php_value date.timezone Asia/Manila
<Directory "/usr/share/zabbix"> Options FollowSymLinks AllowOverride None Order allow,deny Allow from all <IfModule mod_php5.c> php_value max_execution_time 300 php_value memory_limit 128M php_value post_max_size 16M php_value upload_max_filesize 2M php_value max_input_time 300 php_value max_input_vars 10000 php_value always_populate_raw_post_data -1 # Edit: Change to your desired timezone php_value date.timezone Asia/Manila </IfModule> <IfModule mod_php7.c> php_value max_execution_time 300 php_value memory_limit 128M php_value post_max_size 16M php_value upload_max_filesize 2M php_value max_input_time 300 php_value max_input_vars 10000 php_value always_populate_raw_post_data -1 # Edit: Change to your desired timezone php_value date.timezone Asia/Manila </IfModule> </Directory>
For complete List of Supported Timezones.
Start Zabbix Server and Zabbix Agent processes
Start the Zabbix server and Zabbix agent processes and make it start at system boot.
sudo systemctl restart zabbix-server zabbix-agent apache2 sudo systemctl enable zabbix-server zabbix-agent apache2
Configure Zabbix Frontend
Connect to your newly installed Zabbix frontend: http://server_ip_or_name/zabbix. Follow steps described in Zabbix documentation: Installing frontend
You should see the first screen of the frontend installation wizard. For example, see the screenshots:
After the installation has been completed. You should be able to access your Zabbix login page. Now the default username: Admin and password: zabbix
Best Practices for Secure Zabbix Setup
The practices contained here are not required for the functioning of Zabbix. They are recommended for better security of the system. For more details, see Best practices for secure Zabbix setup
In my setup, here are the changes I made on my end.
Removing Apache Default Page
In a successful apache setup, you will get the ‘Apache2 Ubuntu Default Page’ when you visit your machine IP address. For example:
The test page should be removed or should be made unavailable as part of the apache hardening practice.
sudo rm /var/www/html/index.html
You should get the page below once successful.
Removing Directory Listing
Edit the Apache config file.
sudo nano /etc/apache2/apache2.conf
Once you open the apache2.conf, look for ‘/var/www/’ directory, then change AllowOverride None to AllowOverride All
# Sets the default security model of the Apache2 HTTPD server. It does # not allow access to the root filesystem outside of /usr/share and /var/www. # The former is used by web applications packaged in Debian, # the latter may be used for local directories served by the web server. If # your system is serving content from a sub-directory in /srv you must allow # access here, or in any related virtual host. <Directory /> Options FollowSymLinks AllowOverride None Require all denied </Directory> <Directory /usr/share> AllowOverride None Require all granted </Directory> <Directory /var/www/> Options Indexes FollowSymLinks # Edit: Make sure to change the AllowOverride None to: AllowOverride All Require all granted </Directory> #<Directory /srv/> # Options Indexes FollowSymLinks # AllowOverride None # Require all granted #</Directory>
Create .htaccess in /var/www/html/ directory, and add ‘
sudo nano /var/www/html/.htaccess
Finally, restart apache2 to see our changes in action.
sudo systemctl restart apache2
You should get 403 Forbidden when you visit your machine IP address. For example:
I hope this will help you out. Bookmark this page, I will update more config and settings in Zabbix Dashboard for you to utilize the entire tool. Stay tuned!