-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhealth-check-tester-script.sh
executable file
·155 lines (150 loc) · 7.85 KB
/
health-check-tester-script.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# We've added an offline script for people who want to use this script to see how it works
# Just make this file executable with chmod +x [insert filename path here] and then run with bash [insert filename path here]
commit=false
origin=$(git remote get-url origin)
if [[ $origin == *CuratedNews/curatednewsbusiness* ]]
then
commit=true
fi
active_reports=""
KEYSARRAY=()
URLSARRAY=()
urlsConfig="./urls.cfg"
echo "Reading $urlsConfig"
while read -r line
do
echo " $line"
IFS='=' read -ra TOKENS <<< "$line"
KEYSARRAY+=(${TOKENS[0]})
URLSARRAY+=(${TOKENS[1]})
done < "$urlsConfig"
echo "***********************"
echo "Starting health checks with ${#KEYSARRAY[@]} configs:"
for (( index=0; index < ${#KEYSARRAY[@]}; index++))
do
key="${KEYSARRAY[index]}"
url="${URLSARRAY[index]}"
echo " $key=$url"
for i in 1 2 3 4;
do
report_date=$(date +%Y-%m-%d_%H-%M-%S)
report_title=""
report_summary=""
report_mitigated=""
response=$(curl --write-out '%{http_code}' --silent --output /dev/null $url)
reponseTime=$(curl --write-out '%{time_total}' --silent --output /dev/null $url)
echo "responded in $responseTime seconds"
linkdomain=$(echo "$url" | sed -e 's|^[^/]*//||' -e 's|/.*$||')
googlednsresponse=$(curl -s -H 'Accept: application/dns-json' 'https://dns.google/resolve?name='$linkdomain)
cloudflarednsresponse=$(curl -s -H 'Accept: application/dns-json' 'https://cloudflare-dns.com/dns-query?name='$linkdomain'&type=AAAA')
googlednsstatus=$(echo "$googlednsresponse" | jq '.Status')
googlednsstatusreponse=$(echo "$googlednsresponse" | jq '.Answer[] | .data')
cloudflarednsstatus=$(echo "$cloudflarednsresponse" | jq '.Status')
cloudflarednsstatusreponse=$(echo "$cloudflarednsresponse" | jq '.Authority[] | .data')
if [ $linkdomain = "curatednews.xyz" ]; then
jq -n '{"curatednews.xyz": "'$responseTime'"}' > speed/speed.json
else
jq '. |= (. + input)' speed/speed.json <(echo '{"'${linkdomain}'": "'$responseTime'"}') >> tmp.json && mv tmp.json speed/speed.json
fi
if [ "$response" -eq 200 ] || [ "$response" -eq 202 ] || [ "$response" -eq 301 ] || [ "$response" -eq 302 ] || [ "$response" -eq 307 ]; then
result="success"
if [ $linkdomain = "curatednews.xyz" ]; then
jq -n '{"curatednews.xyz": "Normal"}' > configuration/configuration.json
else
jq '. |= (. + input)' configuration/configuration.json <(echo '{"'${linkdomain}'": "Normal"}') >> tmp.json && mv tmp.json configuration/configuration.json
fi
else
response=$(curl -I --write-out '%header{date}' --silent --output /dev/null $url)
echo "date of security header request is $response"
if [ $(echo "$response" | wc -c) -eq 0 ] || [ -z "$response" ]; then
echo "! $url headers unreachable"
result="failed"
else
header_date=$(date -d "$response" '+%Y-%m-%d')
echo "converted date of security header request is $header_date"
date=$(date '+%Y-%m-%d')
echo "current date is $date"
todate=$(date -d "$header_date" +%s)
cond=$(date -d "$date" +%s)
if [ $todate -ge $cond ]; then
result="success"
echo "+ $url headers reachable with correct date-time group"
if [ $linkdomain = "curatednews.xyz" ]; then
jq -n '{"curatednews.xyz": "Extra Security"}' > configuration/configuration.json
else
jq '. |= (. + input)' configuration/configuration.json <(echo '{"'${linkdomain}'": "Extra Security"}') >> tmp.json && mv tmp.json configuration/configuration.json
fi
report_title="Enhanced Security Active"
report_summary="Our automated system could not get an http response but got timely headers successfully. $linkdomain is either misconfigured or has active protections enabled for extra security. If you are having trouble accessing $linkdomain, please make sure your browser is up-to-date, you do not have interfering browser extensions, cached data, or incorrect user-agent settings. This can indicate unusual browser behavior which may cause a page failure due to flagged security parameters."
report_mitigated="Security may be permanently enabled."
else
result="failed"
echo "! $url headers unreachable at correct date-time group"
fi
fi
unset response
fi
if [ "$result" = "success" ]; then
echo "response at $url succeeded"
if [[ $googlednsstatus -eq 0 ]] || [[ $cloudflarednsstatus -eq 0 ]]; then
echo "$url DNS is working"
if [ $linkdomain = "curatednews.xyz" ]; then
jq -n '{"curatednews.xyz": "up"}' > dns/dns.json
else
jq '. |= (. + input)' dns/dns.json <(echo '{"'${linkdomain}'": "up"}') >> tmp.json && mv tmp.json dns/dns.json
fi
elif [[ $googlednsstatus -eq 1 ]] || [[ $cloudflarednsstatus -eq 1 ]]; then
echo "$url DNS query incorrect"
elif [[ $googlednsstatus -eq 2 ]] || [[ $cloudflarednsstatus -eq 2 ]]; then
echo "$url DNS is down"
report_title="DNS Outtage"
report_summary="After an DNS uptime check of $linkdomain, Google reported a DNS response code of $googlednsstatus and Cloudflare reported a DNS reponse code of $cloudflarednsstatus. A status and/or error code of 2 means this web server's DNS is currently down."
report_mitigated="An automated fix is on-going."
if [ $linkdomain = "curatednews.xyz" ]; then
jq -n '{"curatednews.xyz": "down"}' > dns/dns.json
else
jq '. |= (. + input)' dns/dns.json <(echo '{"'${linkdomain}'": "down"}') >> tmp.json && mv tmp.json dns/dns.json
fi
elif [[ $googlednsstatus -eq 3 ]] || [[ $cloudflarednsstatus -eq 3 ]]; then
echo "$url DNS does not exist"
elif [[ $googlednsstatus -eq 4 ]] || [[ $cloudflarednsstatus -eq 4 ]]; then
echo "$url "
elif [[ $googlednsstatus -eq 5 ]] || [[ $cloudflarednsstatus -eq 5 ]]; then
echo "$url DNS refused request"
elif [[ $googlednsstatus -eq 6 ]] || [[ $cloudflarednsstatus -eq 6 ]]; then
echo "$url DNS availble but should not exist"
elif [[ $googlednsstatus -eq 7 ]] || [[ $cloudflarednsstatus -eq 7 ]]; then
echo "$url DNS RRset should not exist is available"
elif [[ $googlednsstatus -eq 8 ]] || [[ $cloudflarednsstatus -eq 8 ]]; then
echo "$url DNS not authoritative"
elif [[ $googlednsstatus -eq 9 ]] || [[ $cloudflarednsstatus -eq 9 ]]; then
echo "$url DNS not in zone"
else
echo "DNS response from DoH was invalid"
fi
if [[ "$googlednsstatusreponse" == *"69.163.140.222"* ]] || [[ "$cloudflarednsstatus" == *"dreamhost.com"* ]] && [[ "$linkdomain" == *"curatednews.xyz"* ]]; then
echo "$url DNS is expected DNS"
jq -n '{"curatednews.xyz": "secure"}' > security/security.json
elif [[ "$googlednsstatusreponse" == *"104.21.48.178"* ]] || [[ "$googlednsstatusreponse" == *"172.67.155.85"* ]]; then
echo "$url DNS is expected DNS"
jq '. |= (. + input)' security/security.json <(echo '{"'${linkdomain}'": "secure"}') >> tmp.json && mv tmp.json security/security.json
else
echo "$url DNS result is unexpected"
jq '. |= (. + input)' security/security.json <(echo '{"'${linkdomain}'": "insecure"}') >> tmp.json && mv tmp.json security/security.json
fi
active_reports="$report_date-_-$report_title-_-$report_summary-_-$report_mitigated"
if [ $linkdomain = "curatednews.xyz" ]; then
cp incidents/active.json incidents/inactive.json
jq -n '{"curatednews.xyz": "'$active_reports'"}' > incidents/active.json
else
jq '. |= (. + input)' incidents/active.json <(echo '{"'${linkdomain}'": "'${active_reports}'"}') >> tmp.json && mv tmp.json incidents/active.json
fi
break
fi
if [ "$result" = "failed" ]; then
echo "response at $url failed"
break
fi
sleep 5
done
done