Loading...
 
Skip to main content

Server check

Tiki Check is stable & functional. Below are some ideas for the future, but no more imminent work is planned.

Bugs

Next

  • tiki-check.php: make all these 50+ values available to Nagios/Icinga/Shinken
  • tiki-check.php should refuse being indexed by robots (how to do this in PHP?)
  • The checks we have for htaccess (which are in tiki-admin.php?page=sefurl) should be available in tiki-check.php and when .htaccess is not the correct one for that version, there should be a huge warning
  • Make it easy to find for site admins (ex.: add link in menu, or admin panel)
  • Backport to branches/9.x
  • tiki-install.php -> * PHP error reporting level should not be reverted Done in trunk and 9.2
  • Testing Tiki installations on major Shared Hosting companies
  • Make a section for advanced things that basic users shouldn't worry about Done, I changed the category from bad to info

Questions

  • In tiki-admin_system.php, when exporting a zip: Error:PCLZIP_ERR_READ_OPEN_FAIL (-2) : Unable to open archive '' in wb mode
  • Is realpath_cache check suitable for Tiki Check?
  • Is there a reliable way to tell people where to change the settings? (ex: /etc/php.ini /etc/my.cnf )
  • Are warnings about default_charset and date.timezone too stern? I have seen them on servers where Tiki works nicely
    • I changed from bad to ugly
  • if possible warn when running with another MPM than "prefork" - PHP is NOT thread-safe
    • can this be checked from PHP at all? (without using exec and parsing apachectl output)
  • session.save_path = /tmp
    • Does it make sense to check that?! Reasonable values for this vary from server to server and setup to setup.
  • Can we check for a working .htaccess?
    • e.g. create a htaccess with some RewriteRule in it, call the URL and see if it is being rewritten
    • any smarter way?
  • Can we check for the configuration of mod_deflate/expires/security ?
  • Disk space check should be KILled completely, it's the wrong place for it here.

Phase 2

  • Zend_Search_Lucene doesn't work on certain servers
    • Also, sometimes, it crashes during rebuild. If you have two directories (temp/unified-index-new/ and temp/unified-index/, it means that something went wrong. Tiki Check should detect and report this.


Beyond Tiki Check, but let's explore

  • Should we have tiki-admin.php?page=server where we attempt to override various settings uncovered by Tiki Check?
  • File storage
    • If more than 50 Megs in MySQL, recommend to the admin to move to filesystem
    • If set to filesystem, but they are not accessible/writable, give a warning
  • check if we are often using more than x% of memory_limit and warn the admin
  • Run tiki-check automated, regularly in the background and e-mail admin or something like that
    • Run on Pre-Dogfood Servers and send an email report of hard crashes. (email could be stored in db/local.php)
  • security - how to lock it? (turtle)
    • If a Tiki is installed where tiki-check.php is, it should use tiki auth system and check tiki_p_admin, or ask for db/local.php info (because if Tiki is crashed, it can't check for tiki_p_admin). If it detects a brute force password attack, it should lock itself like t0iki-install.php does.
  • what happens, if Tiki is crashed
    • We want it to run in standalone, but we don't want people to DoS a Tiki to read it
  • A function to export to txt, csv, html or something for easy distribution to people wanting to help on debugging
    • ask LPH for some parsable format
      • Could be .csv to mother.tiki.org
        • We should do this at the end
  • In tiki-admin.php it should be warned that activating a feature doesn't help, if the server environment doesn't support it

File/folder permissions

tiki-recovery.php

Nice to have

  • Can Tiki index file content? -> Search Within Files
    • Link to Admin->File Galleries
  • Check if Tikis Paths fit open_basedir
  • It would be nice to run from the command line php tiki-check.php and have a decent looking output (now it's hard to read HTML)
    • Since CLI PHP can be different than the web PHP, is this a good idea?

Low priority (only do if very easy)

  • Show DB-credentials form in the MySQL section
  • Is it possible to report 32bits vs 64 bits? (useful to know what software to install)
  • Indicate if MyISAM or InnoDB (people can use adminer.php)
  • Warn if correlating values are too far off each other, for example
    • max_execution_time <> max_input_time
    • upload_max_filesize <> post_max_size <> max_allowed_packet

sh tiki-check.sh

  • Since some things (like Apache worker MPM) can't be detected via PHP, perhaps the next step will be tiki-check.sh Let's move all the checks that can't be done via PHP to this section. And even here, some things will require root.
  • Check for these Server tools or for requirements for TRIM


Server check script examples

Good, bad, ugly references


In Nagios, it's OK, WARNING, UNKNOWN, or CRITICAL

Related

alias
Show PHP error messages