search

qriouslad / system-dashboard

Centralized dashboard to monitor various WordPress components, stats and data, including the server.
https://wordpress.org/plugins/system-dashboard/
GNU General Public License v2.0
31 stars 3 forks source link

Server Name + CPU Load Average + Cloudflare #14

Open jordantrizz opened 2 years ago

jordantrizz commented 2 years ago

Hello, it would be good to have the server name present under the IP address. Some people who have multiple servers will name them to easily identify them, which would be useful.

Load average shouldn't just be in percentages, the original formatting should be present with the percentages provided in addition. The majority of the people who are concerned about load averages would most likely be wanting the former versus the latter.

Some queries are blocked by Cloudflare's WAF, this was blocked on the pro plan.

wp-admin/admin-ajax.php?action=sd_viewer&filename=wp-config.php&fast_ajax=true&load_plugins%5B%5D=system-dashboard%2Fsystem-dashboard.php&_fs_blog_admin=true

qriouslad commented 2 years ago

@jordantrizz thanks for the feedback!

If "server name" = "hostname" I've added it for the next release, as well as the raw CPU load average values.

Not sure I can do anything about bypassing Cloudflare's WAF. My question is, what does it look like on the dashboard? e.g. wp-config.php is shown blank but the rest of the dashboard is functioning properly? Do you have any idea how I can bypass or workaround the WAF?

jordantrizz commented 2 years ago

If "server name" = "hostname" I've added it for the next release, as well as the raw CPU load average values.

Amazing, thanks!

Not sure I can do anything about bypassing Cloudflare's WAF. My question is, what does it look like on the dashboard? e.g. wp-config.php is shown blank but the rest of the dashboard is functioning properly? Do you have any idea how I can bypass or workaround the WAF?

When clicking on a specific tool, the "Loading" text will show and never return any data. I believe this was when I was trying to load a list of plugins.

Sign up for a free Cloudflare account, some WAF rules are available on the free plan. You might have to purchase Cloudflare Pro temporarily or get access to a Cloudflare Pro instance to test. I simply wanted to make you aware of this in case someone else has the same issue.

For instance, you might want to add in the detection of being behind Cloudflare (I'll put in another request). Then a notice that some functions might fail if using the Cloudflare WAF. Regardless, there should be some sort of FAQ about WAFs as your plugin might trigger modsec, 7G firewall (https://perishablepress.com/7g-firewall/) and other WAFs or security plugins.