From 74ef41ef690447b8499c16f8aec5578f4ae4297c Mon Sep 17 00:00:00 2001 From: Jason Kim Date: Tue, 29 May 2018 22:35:52 -0700 Subject: [PATCH 1/2] #187: 5.7. maintenance endpoint is dangerous when it becomes a target of DDOS --- sections/production/createmaintenanceendpoint.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/sections/production/createmaintenanceendpoint.md b/sections/production/createmaintenanceendpoint.md index 4dfa86f8..97244de0 100644 --- a/sections/production/createmaintenanceendpoint.md +++ b/sections/production/createmaintenanceendpoint.md 
@@ -4,7 +4,7 @@ ### One Paragraph Explainer -A maintenance endpoint is a plain secured HTTP API that is part of the app code and its purpose is to be used by the ops/production team to monitor and expose maintenance functionality. For example, it can return a head dump (memory snapshot) of the process, report whether there are some memory leaks and even allow to execute REPL commands directly. This endpoint is needed where the conventional DevOps tools (monitoring products, logs, etc) fails to gather some specific type of information or you choose not to buy/install such tools. The golden rule is using professional and external tools for monitoring and maintaining the production, these are usually more robust and accurate. That said, there are likely to be cases where the generic tools will fail to extract information that is specific to Node or to your app – for example, should you wish to generate a memory snapshot at the moment GC completed a cycle – few NPM libraries will be glad to perform this for you but popular monitoring tools will be likely to miss this functionality +A maintenance endpoint is a highly secure HTTP API that is part of the app code and its purpose is to be used by the ops/production team to monitor and expose maintenance functionality. For example, it can return a head dump (memory snapshot) of the process, report whether there are some memory leaks and even allow to execute REPL commands directly. This endpoint is needed where the conventional DevOps tools (monitoring products, logs, etc) fails to gather some specific type of information or you choose not to buy/install such tools. The golden rule is using professional and external tools for monitoring and maintaining the production, these are usually more robust and accurate. 
That said, there are likely to be cases where the generic tools will fail to extract information that is specific to Node or to your app – for example, should you wish to generate a memory snapshot at the moment GC completed a cycle – few NPM libraries will be glad to perform this for you but popular monitoring tools will be likely to miss this functionality. It is important to keep this endpoint private and accessibly only by admins because the endpoint can be a target of a DDOS attack.

@@ -13,8 +13,18 @@ A maintenance endpoint is a plain secured HTTP API that is part of the app code ```javascript var heapdump = require('heapdump'); +// Check if request is authorized +function isAuthorized(req) { + // ... +} + router.get('/ops/headump', (req, res, next) => { + if (!isAuthorized(req)) { + return res.status(403).send('You are not authorized!'); + } + logger.info('About to generate headump'); + heapdump.writeSnapshot((err, filename) => { console.log('headump file is ready to be sent to the caller', filename); fs.readFile(filename, "utf-8", (err, data) => { From 49141e283b74f06dde9d8c035c3ada12f3b76ad7 Mon Sep 17 00:00:00 2001 From: Bruno Scheufler <4772980+BrunoScheufler@users.noreply.github.com> Date: Wed, 30 May 2018 08:33:22 +0200 Subject: [PATCH 2/2] Fixed grammar issues and syntax --- sections/production/createmaintenanceendpoint.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/sections/production/createmaintenanceendpoint.md b/sections/production/createmaintenanceendpoint.md index 97244de0..710e5eff 100644 --- a/sections/production/createmaintenanceendpoint.md +++ b/sections/production/createmaintenanceendpoint.md 
@@ -4,29 +4,29 @@ ### One Paragraph Explainer -A maintenance endpoint is a highly secure HTTP API that is part of the app code and its purpose is to be used by the ops/production team to monitor and expose maintenance functionality. For example, it can return a head dump (memory snapshot) of the process, report whether there are some memory leaks and even allow to execute REPL commands directly. This endpoint is needed where the conventional DevOps tools (monitoring products, logs, etc) fails to gather some specific type of information or you choose not to buy/install such tools. The golden rule is using professional and external tools for monitoring and maintaining the production, these are usually more robust and accurate. That said, there are likely to be cases where the generic tools will fail to extract information that is specific to Node or to your app – for example, should you wish to generate a memory snapshot at the moment GC completed a cycle – few NPM libraries will be glad to perform this for you but popular monitoring tools will be likely to miss this functionality. It is important to keep this endpoint private and accessibly only by admins because the endpoint can be a target of a DDOS attack. +A maintenance endpoint is a highly secure HTTP API that is part of the app code and its purpose is to be used by the ops/production team to monitor and expose maintenance functionality. For example, it can return a heap dump (memory snapshot) of the process, report whether there are some memory leaks and even allow to execute REPL commands directly. This endpoint is needed where the conventional DevOps tools (monitoring products, logs, etc) fail to gather some specific type of information or you choose not to buy/install such tools. The golden rule is using professional and external tools for monitoring and maintaining the production, these are usually more robust and accurate. 
That said, there are likely to be cases where the generic tools will fail to extract information that is specific to Node or to your app – for example, should you wish to generate a memory snapshot at the moment GC completed a cycle – few npm libraries will be glad to perform this for you but popular monitoring tools will likely miss this functionality. It is important to keep this endpoint private and accessibly only by admins because it can become a target of a DDOS attack.

-### Code example: generating a head dump via code +### Code example: generating a heap dump via code ```javascript -var heapdump = require('heapdump'); +const heapdump = require('heapdump'); // Check if request is authorized function isAuthorized(req) { // ... } -router.get('/ops/headump', (req, res, next) => { +router.get('/ops/heapdump', (req, res, next) => { if (!isAuthorized(req)) { return res.status(403).send('You are not authorized!'); } - logger.info('About to generate headump'); + logger.info('About to generate heapdump'); heapdump.writeSnapshot((err, filename) => { - console.log('headump file is ready to be sent to the caller', filename); + console.log('heapdump file is ready to be sent to the caller', filename); fs.readFile(filename, "utf-8", (err, data) => { res.end(data); });
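Review bot: in PATCH 1/2, hunk `@@ -4,7 +4,7 @@`, the added closing sentence justifies keeping the endpoint private only by the DDoS risk, although the same paragraph says the endpoint can return a memory snapshot of the process and execute REPL commands. Suggest naming those as reasons too: an unauthorized caller would obtain process memory contents and command execution, not just a way to load the server. The change from "plain secured" to "highly secure" also reads as a description rather than a requirement; wording such as "must be strongly secured" would state the intent.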
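Review bot: in PATCH 1/2, hunk `@@ -13,8 +13,18 @@`, `isAuthorized(req)` is added with only `// ...` as its body, so the example never shows what an acceptable check is, and the 403 branch returns before `logger.info`, leaving rejected requests unlogged. Suggest a comment in the stub stating what it must verify (admin-only access, per the explainer) and a log line in the rejection branch so denied attempts are visible to ops. As written the stub returns undefined, so the route denies every request; that is a safe default, but it is worth saying so in the comment.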
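Review bot: in PATCH 2/2, hunk `@@ -4,29 +4,29 @@`, the rewritten explainer still reads "accessibly only by admins" in its last sentence, which a grammar-fix commit should correct to "accessible only by admins"; "DDOS" is also conventionally written "DDoS". Since this commit already touches the snippet, the `err` argument that both the `heapdump.writeSnapshot` and `fs.readFile` callbacks receive and never check could be handled here too, so a failed snapshot does not end in `res.end(data)` with undefined data.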