Exception Raising |
|
|
|
||
|
Exception Raising |
|
|
|
|
Exception Raising
|
Exception Raising |
|
|
|
||
|
Exception Raising |
|
|
|
|
|
|
||
This tab allows you to define which exceptions will be raised by WhosOn and what actions WhosOn will perform when an exception is raised.
Exceptions are errors on your site or events that are out of the ordinary that may require your attention. Exceptions are raised for things like 404 errors, hacker attempts, your web site not responding etc.
When exceptions are raised they are added to the Exceptions List. They can also be emailed to you, sent via an SMS text message, sent via a network message to the WhosOn Clients, or added to the Windows event log. Exceptions are designed to keep you informed in real-time about events happening on your web server that may need your attention.
The following exception types can currently be raised by WhosOn:
No# |
Details |
Default Value For X |
110 |
More than x active visitors |
100 |
122 |
No visitors for x minutes |
60 |
130 |
Single visitor on site for more than x minutes |
10 |
131 |
Single visitor viewed more than x pages |
25 |
132 |
Same visitor returning more than x times during a day |
10 |
133 |
Same visitor returning more than x times |
100 |
134 |
Single visitor viewed pages [page] for more than x minutes |
5 |
150 |
The EXE file [filename] was requested |
|
151 |
The DLL file [filename] was requested |
|
152 |
The BAT file [filename] was requested |
|
153 |
The VBS file [filename] was requested |
|
160 |
The requested path contains ../ |
|
161 |
Visitor generated more then x 404 errors |
10 |
162 |
Visitor used a PUT request on page [page] |
|
163 |
Visitor used a DELETE request on page [page] |
|
164 |
Visitor requested more than x pages in 1 minute |
60 |
165 |
Possible HACKER detected! |
|
166 |
IP was blocked from IIS after hacker exceptions raised. |
|
170 |
Touch failed with error [error]. The web server may be down! |
|
171 |
Touch resumed. The web server is back up. |
|
180 |
Failed to logon to SQL Server [servername]. SQL Server may be down. |
|
181 |
Login to SQL Server resumed. |
|
200 |
Visitor has requested a chat. |
|
202 |
Visitor has started chatting to [operator name] |
|
204 |
Visitor requested a chat but no operators responded even though operators are on-line. |
|
400 |
HTTP Bad request on page [lastpage] |
|
401 |
HTTP Unauthorized on page [lastpage] |
|
403 |
HTTP Forbidden on page [lastpage] |
|
404 |
HTTP Page [lastpage] not found 404 error |
|
405 |
HTTP Method not allowed on page [lastpage] |
|
406 |
HTTP Not acceptable on page [lastpage] |
|
407 |
HTTP Proxy authentication required on page [lastpage] |
|
408 |
HTTP Request timeout on page [lastpage] |
|
409 |
HTTP Conflict on page [lastpage] |
|
410 |
HTTP Gone on page [lastpage] |
|
411 |
HTTP Length required on page [lastpage] |
|
412 |
HTTP Precondition failed on page [lastpage] |
|
413 |
HTTP Request entity too large on page [lastpage] |
|
414 |
HTTP Request URI too long on page [lastpage] |
|
415 |
HTTP Unsupported media type on page [lastpage] |
|
416 |
HTTP Requested range not satisfiable on page [lastpage] |
|
417 |
HTTP Expectation failed on page [lastpage] |
|
500 |
HTTP Internal server error on page [lastpage] |
|
502 |
HTTP Bad gateway on page [lastpage] |
|
503 |
HTTP Server Overloaded! |
|
504 |
HTTP Gateway timeout |
|
505 |
HTTP Version not supported |
|
900 |
Unrecognized browser: [browser] |
|
902 |
New unknown spider detected. |
|
Exceptions 400-505 correspond to all the standard HTTP error codes. For example if a missing page is requested exception 404 will be raised Page Not Found.
Some exceptions contain a variable value that can be changed.
You can enable or disable exception raising for each type and you can define what WhosOn should do when the Exception is raised.
To edit an Exception select it in the list and click the Edit Exception button.
Uncheck the Raise This Exception checkbox to stop WhosOn raising the exception.
The Value entry allows you to enter a numeric value against the exceptions that are triggered against a value. For example, the exception: '122 No visitors for [value] minutes' defaults to 60 minutes but you can change it to any value.
You can edit the Description of the exception if you choose but leave the [value] string somewhere in the text.
The rest of the tabs on the Exception Type form are used to configure what WhosOn should do when the exception is raised:
Exceptions can be emailed to you as they are raised, allowing you to take immediate action. Check the Send An Email When This Exception Is Raised checkbox against the exceptions you want to be emailed. You can also enter specific email addresses. If you leave the email address blank then exception will be sent to the default address.
Popup Message
WhosOn can send a popup message to the WhosOn Clients. Check the Send A Popup Alert To Clients When This Exception Is Raised checkbox to enable exception popups.
You can enter specific Client Names to receive popup messages for this exception. If you leave this entry blank the popup will be sent to all clients responsible for the site.
SMS Text
WhosOn can send a message to a pager or mobile phone. You can enter the phone number to receive the message. (See: SMS Text Settings). You can also define a default phone number for each monitored site.
Event Log
WhosOn can add the exception to the windows Event Log. You can select the level of event.
Run Program
Exceptions can trigger the execution of a program or script. If you enable this option you must enter the full path & name of the program to execute. If you want to run a Windows script enter the scripting host exe (wscript.exe) followed by the script name.
Before the program or script is run WhosOn sets the following Environment variables:
whosonIPAddress |
Will contain the visitors IP address that caused the exception to be raised (if any). |
whosonExceptionNumber |
Will contain the exception number. |
whosonExceptionValue |
Will contain the value figure. |
whosonSiteName |
The name of the site raising the exception. |
You can then use these values in the external program or script to take action on.
Hacker Detection
WhosOn can detect visitors that may be trying to hack your site by watching for combinations of Exceptions that the visitor is raising.
When a new visitor arrives at your site WhosOn assigns them the 'Hackcount' of zero. This 'Hackcount' is incremented when certain exceptions are raised by the visitor. When the Hackcount reaches a certain value, the visitor is flagged as a possible hacker and the 'Hacker Detected' exception (number 165) is raised.
You can setup actions against the Hacker Detected Exception. You could have the Exception emailed to you or sent to the WhosOn Clients. You could also run a program or script.
When the Hacker Detected exception is raised against the visitor, the visitors icon immediately changes in the Current Visitor list to a 
.
WhosOn saves the Hackcount against the visitor in the database, so that when the visitor returns to your site in the future, WhosOn knows that previously the visitor has triggered the hacker exception.
You can enable Automatic Exclusion from IIS if you have imported the site details from IIS. This can be used to automatically exclude visitors from IIS itself who repeatedly cause the hacker exception to be raised. (See: Site Settings IIS Tab)
The following exceptions cause the Hackcount to be incremented:
Number |
Exception Type |
Increments Hackcount By |
150 |
EXE file requested + 404 error |
2 |
151 |
DLL file requested + 404 error |
2 |
160 |
Requested path contains ../ |
1 |
162 |
PUT requested + 404 error |
1 |
163 |
DELETE requested + 404 error |
2 |
161 |
More than x 404 errors |
2 |
164 |
Visitor requested more than x pages in 1 minute |
1 |
For example, if a visitor requested '../../cmd.exe' and this generated a 404 error, the Hackcount would be incremented by 3.
SMS Text Settings
WhosOn is capable of sending SMS messages when exceptions occur, and when new Prospects, Customers or Chat requests occur.
The actual sending of SMS messages is done by our SMS Server Gateway. Before sending SMS messages you need to setup an SMS Server Account and purchase 'credits'.
SMS messages cost between $.12 and $.05 each depending on the country and network of the receiver. The receiver of the SMS is not charged anything. Email2DB can send messages to almost all countries and networks. For full details of coverage and pricing see http://www.email2db/ordersms.htm
Click the Start The SMS Account Manager button to start the SMS Server Account Manager. Here you can create a new account and purchase credits and view your current balance.
Once you have setup an account enter the SMS Server Account User Name and Password. WhosOn will use this when it sends SMS messages. Each message sent will reduce your account balance.