Docs about running and securing JEF-Monitor?

[liar666]

Hi,

I'm trying to run JEF-Monitor to monitor my crawlers.

I've been looking everywhere, but I couldn't find any documentation about how to configure, run and secure JEF-Monitor. Do you have any pointers?

More particularly:

• When I simply ran the jef-monitor.sh script, it complained about lacking configuration and port being already in use. I found the config/ sub-directory, with a setup.properties file. I changed the port to one that is not used on my machine. But I'm not sure what other options are available or chould be configured before first start.
• Also in order to secure my installation, I changed "https" to "true", but this resulted in Exception in thread "main" java.lang.NullPointerException at com.norconex.jefmon.server.JEFMonServer.initHttpsConnector(JEFMonServer.java:167) at com.norconex.jefmon.server.JEFMonServer.(JEFMonServer.java:83) at com.norconex.jefmon.server.JEFMonServer.main(JEFMonServer.java:204) So I assume there lack some other configuration, which results in some parameter remaining "null"
• I managed to start JEF-Monitor in http-only, but discovered the whole server interface is accessible to anyone. Is there a way to at least setup a password so that only I (and my colleagues) can monitor and manage my crawlers?

[essiembre]

I just made a new snapshot release which fixes the https issue.

There is nothing built-in to password protect the app right now. I am making this a feature request.

In the meantime if you really need to restrict the access, you can front the application with an HTTP server such as NGINX or Apache HTTP server. You can enable https there as well, which can be with a properly signed certificate for your domain, which will prevent browser warnings you will get right now with using the built-in key store in JEF Monitor.

We are making note to improve documentation as well.

[evaso]

Hi Pascal, how can I front the application with an HTTP server such as Apache HTTP server? I would like to run JEF-Monitor in a specific domain name e.g. jef.example.com. How should the apache configuration file looks like? Do you have a tip?

Thanks and Regards

[essiembre]

This is more a question for the Apache community, but I am sure you can find several good examples online.

You can find Apache documentation here: https://httpd.apache.org/docs/current/

It can be intimidating at first, but I recommend you focus your research on virtual hosts and reverse proxy.

Articles like this one will offer the basics your a looking for: https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension

[evaso]

Yes, I know it's more Apache configuration related. Thanks for the feedback. It helped anyway. This configuration has made it work:

Rewrite Engine On RewriteCond% {HTTP: Upgrade} = websocket [NC] RewriteRule /(.) ws: // localhost: 8080 / $ 1 [P, L] RewriteCond% {HTTP: Upgrade}! = Websocket [NC] RewriteRule /(.) http: // localhost: 8080 / $ 1 [P, L] ProxyPassReverse / http: // localhost: 8080 /

It works quite well and the access is made via https with signed certificates for the own domain. Thanks again!

[essiembre]

Thanks for providing your solution.