News :: 15MR: ApHeMo (Brief)

Rate This Article!

Discuss This!

Head over to the forums

Add This!

AddThis Social Bookmark Button

Hello all! Thanks for dropping by today! Today’s application is ApHeMo—an Apache monitoring application. Since I do not have a monitorable Apache server set up and would take too long to bring an Apache server to production-level to test properle, I do feel this application will not fit within the scope of a 15 Minute Review; However, I will comment upon the concept & design of it and my initial feelings on it.

As Giveaway of the Day states:

“ApHeMo is a Health Monitoring analyser for the famous Apache HTTP Server. ApHeMo makes administrators able to improve security, reliability and to easily detect attacks from hackers (scans, potential backdoors…)”

Quick Comments

After taking a quick review of this application, it seems very basic. Might be a useful tool for a newbie to Apache some help keeping it running. Its ability to tell you if there is a backdoor due to an Apache bug seems overly simple—All you have to do is check the Apache version or keep your server up-to-date. Basic log reading features seem okay, however, it can be only one part of the story as well. Apache tends to be the strongest part of the story. With SQL injections, PHP arbitrary executions and more, Apache is generally the strong point. If you have someone invading your website through Apache, you should probably use a professional to help you with damage control and source tracking.

Just quickly tossing it on my computer anyways, a few things that quirk me is there is NO built-in FTP support (Comon, its meant for remote hosts, right?) The refresh button I am assuming requires you to be running local or have a decent FTP setup that maps to your computer. I would figure if this were the case and this was meant as an emergency app (flashing tabs, etc,) that it would auto-refresh as well. All this application appears to do is present the log in a newbie-readable format.

There are a small army of log analysis applications out there; A lot of freeware/open source ones, and some killer pay-for ones. Most of these will do what you need without being annoying like this one explains itself to be. If you think you would need this, then go ahead and try it. As for paying $30? I’ll break out PuTTY and go through my logs myself, or write a quick perl to read them how I like them.

Posted by BladedThoth on Monday, February 05, 2007