Saturday, June 27, 2015

Monitor Server Resources with Collectd-web and Apache CGI in Linux

This tutorial will discuss how you can install and run Collectd-web interface, which is a front-end web monitoring tool for Collectd daemon, in conjunction with Apache CGI interface in order to produce graphical html outputs in order to monitor Linux boxes.
Monitor Linux Server Resources
Monitor Linux Server Resources
At the end of the article we will, also, present how you can protect Collectd-web interface using .hpasswdApache Authentication mechanism.


The requirement of this article is, you must have Collectd and Collectd-Web installed on your Linux system. To install these packages, you must follow Steps #1 and #2 from the previous article of this series at:
  1. Install Collectd and Collectd-Web in Linux
Only Follow following two steps from the above link:
Step 1: Install Collectd Service 
Step 2: Install Collectd-Web and Dependencies 
Once these two required things completed successfully, you can continue further instructions in this article to configure Collectd-web with Apache CGI.

Step 1: Installing Apache Web Server

1. Assuming that you already have installed Apache web server on your system, if not you can install using following command according to your Linux distribution.
# apt-get install apache2 [On Debian based Systems]
# yum install httpd  [On RedHat based Systems]
2. After Apache installed, change the directory to your default web server document root (which is located under/var/www/html/ or /var/www system path and clone the Collectd-web Github project by issuing the below commands:
# cd /var/www/html
# git clone
Also, make the following Collectd-web script executable by issuing the following command:
# chmod +x /var/www/html/collectd-web/cgi-bin/graphdefs.cgi

Step 2: Enable Apache CGI (.cgi scripts) for Default Host

3. In order for Apache to run the CGI scripts located under the default host HTML Collectd-web cgi-bin directory, you need to explicitly enable Apache CGI interface for Bash scripts (with .cgi extension) by altering the sites-available default host and adding the below statements block.

On Debian Systems

First open Apache default host configuration file for editing with nano editor:
# nano /etc/apache2/sites-available/000-default.conf
While the file is opened for editing add the following directive block below the Document Root directive as illustrated on the below image:

                Options Indexes ExecCGI
                AllowOverride All
                AddHandler cgi-script .cgi
                Require all granted

Enable CGI in Debian
Enable CGI in Debian
After you’re done editing the file, close it with CTRL + o and exit nano editor (CTRL+x), then enable Apache CGI module and restart the server in order to apply all the changes made so far by issuing the below commands:
# a2enmod cgi cgid
# service apache2 restart
# systemctl restart apache2.service     [For systemd init scripts]
Enable Apache CGI
Enable Apache CGI

On RedHat Systems

4. To enable Apache CGI interface for CentOS/RHEL, open httpd.conf Apache configuration file and add the following lines at the bottom of the file:
# nano /etc/httpd/conf/httpd.conf
Add following excerpt to httpd.conf file.
ScriptAlias /cgi-bin/ “/var/www/html/collectd-web/cgi-bin"
Options FollowSymLinks ExecCGI
AddHandler cgi-script .cgi .pl
In order to apply changes, restart httpd daemon by issuing the following command:
# service httpd restart
# systemctl restart httpd        [For systemd init scripts]

Step 3: Browse Collectd-web Interface

5. In order to visit Collectd-web interface and visualize statistics about your machine collected so far, open a browser and navigate to your machine IP Address/collectd-web/ URI location using the HTTP protocol.
Collectd-Web Dashboard
Collectd-Web Dashboard

Step 4: Password Protect Collectd-web URL using Apache Authentication

6. In case you want to limit access to Collectd-web interface by protecting it using Apache Authentication mechanism (.htpasswd), which requires visitors to enter a username and a password in order to access a web resource.
To do so, you need to install apache2-utils package and create a set of credentials for local authentication. To achieve this goal, first issue the following command to install apache2-utils package:
# apt-get install apache2-utils         [On Debian based Systems]
# yum install httpd-tools  [On RedHat based Systems]
7. Next, generate a username and a password which will be stored on a hidden local .htpass file located under Apache default host Collectd-web path by issuing the below command:
# htpasswd -c /var/www/html/collectd-web/.htpass  your_username
Try to protect this file by assigning the following permissions:
# chmod 700 /var/www/html/collectd-web/.htpass
# chown www-data /var/www/html/collectd-web/.htpass
8. On the next step, after you have generated .htpass file, open Apache default host for editing and instruct the server to use htpasswd basic server-side authentication by adding the following directive block as illustrated on the below screenshot:

                AuthType Basic
                AuthName "Collectd Restricted Page"
                AuthBasicProvider file
                AuthUserFile /var/www/html/collectd-web/.htpass 
                Require valid-user

Apache Password Protect Directory
Apache Password Protect Directory
9. The last step in order to reflect changes is to restart Apache server by issuing the below command and visit the Coollectd-web URL page as described above.
A pop-up should appear on the web page requesting for your authentication credentials. Use the username and password created earlier to access Collectd web interface.
# service apache2 restart  [On Debian based Systems]
# service httpd restart   [On RedHat based Systems]

---------------- For systemd init scripts ----------------
# systemctl restart apache2.service  
# systemctl restart http.service  
Apache Password Authentication
Apache Password Authentication
Collectd-Web Panel