-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcheck_wordpress_updates.py
More file actions
executable file
·254 lines (222 loc) · 7.87 KB
/
check_wordpress_updates.py
File metadata and controls
executable file
·254 lines (222 loc) · 7.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
#!/usr/bin/python
# Written by Phil Tanner, May 2018
# Based heavily on these scripts:
# https://github.com/geekpete/nagiosplugins/blob/master/check_gmailunread.py
# http://yuji.wordpress.com/2011/06/22/python-imaplib-imap-example-with-gmail/
### Define required nagios script settings.
import mechanize
import cookielib
import datetime
import re
import os
import sys
import getopt
# define script name.
scriptName=sys.argv[0]
# define script version.
scriptVersion = "v0.0.1"
# Nagios plugin exit codes
STATE_OK = 0
STATE_WARNING = 1
STATE_CRITICAL = 2
STATE_UNKNOWN = 3
# Default variable values
username = ""
password = ""
host = ""
url = "/wp-login.php"
usehttps = False
wp_loginform = "loginform"
wp_field_username = "log"
wp_field_password = "pwd"
debug = False
# Define how we should be used
class Usage(Exception):
def __init__(self, err):
self.msg = err
def usage():
print "Usage: "+scriptName+" -H hostname [-U login_page_url] -u username -p password "
print " -s Expected_string_on_success"
print " "+scriptName+" -h for detailed help"
print " "+scriptName+" -V for version information"
def detailedUsage():
print "Nagios plugin to check successful login to a WordPress site (version " + scriptVersion +")"
print
usage()
print
print "Options:"
print " -h --help"
print " Print this help message."
print " -v --version"
print " Print version information then exit."
print " -H"
print " Hostname for the WordPress website."
print " -U"
print " URL for the login page (defaults to /wp-login.php)."
print " -u username"
print " User name of the WordPress account."
print " -p password"
print " Password of the WordPress account."
print " -S --secure"
print " Use SSL (run the test against https:// instead of http://)"
print " -f --formname"
print " HTML argument for name of login form on WordPress login page"
print " (defaults to '" + wp_loginform + "')"
print " --userinput"
print " HTML argument for name of username field on WordPress login page"
print " (defaults to '" + wp_field_username + "')"
print " --passwordinput"
print " HTML argument for name of password field on WordPress login page"
print " (defaults to '" + wp_field_password + "')"
print " --debug"
print " Include debugging information"
print
# Parse the command line switches and arguments
try:
try:
opts, args = getopt.getopt(sys.argv[1:], "u:H:p:f:vhS", ["formname=","userinput=","passwordinput=","debug","help","secure"])
except getopt.GetoptError, err:
# print help information and exit:
raise Usage(err)
except Usage, err:
print >>sys.stderr, err.msg
usage()
sys.exit(STATE_UNKNOWN)
# Gather values for our variables from given parameter switches
for o, a in opts:
if o == "-u":
username = a
elif o == "-H":
host = a
elif o == "-U":
url = a
elif o == "-p":
password = a
elif o in ("--secure","-S"):
usehttps = True
elif o in ("-f","--formname"):
wp_loginform = a
elif o == "--userinput":
wp_field_username = a
elif o == "--passwordinput":
wp_field_password = a
elif o == "--debug":
debug = True
elif o in ("-V","-v","--version"):
print scriptName + " " + scriptVersion
sys.exit()
elif o in ("-h", "--help"):
detailedUsage()
sys.exit()
else:
assert False, "unhandled option"
# Check to see if arguments have been specified, throw an error if not.
if username=="":
print "Error: no username specified."
usage()
sys.exit(STATE_UNKNOWN)
elif password=="":
print "Error: no password specified."
usage()
sys.exit(STATE_UNKNOWN)
elif host=="":
print "Error: no host specified."
usage()
sys.exit(STATE_UNKNOWN)
elif wp_loginform=="":
print "Error: No form name specified."
usage()
sys.exit(STATE_UNKNOWN)
elif wp_field_username=="":
print "Error: No username input field name specified."
usage()
sys.exit(STATE_UNKNOWN)
elif wp_field_password=="":
print "Error: No password input field name specified."
usage()
sys.exit(STATE_UNKNOWN)
elif url=="":
print "Error: no login URL specified."
usage()
sys.exit(STATE_UNKNOWN)
###############################################################
# Right - now we've parsed and passed everything, do our stuff
###############################################################
# Create a Browser object
br = mechanize.Browser()
# Create a Cookie Jar to hold our cookies (so we can login)
cj = cookielib.LWPCookieJar()
br.set_cookiejar(cj)
# Browser options
br.set_handle_equiv(True)
#br.set_handle_gzip(True)
br.set_handle_redirect(True)
br.set_handle_referer(True)
br.set_handle_robots(False)
# Follows refresh 0 but not hangs on refresh > 0
br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
if debug:
br.set_debug_http(True)
br.set_debug_redirects(True)
br.set_debug_responses(True)
# User-Agent (be clear about who we are, and what we're doing for target server logs)
br.addheaders = [('User-agent', 'Phil Tanner\'s Nagios WordPress login script, version '+scriptVersion)]
try:
loginurl = 'https://' + host + url if usehttps else 'http://' + host + url
# Not handling basic auth yet - left for future enhancements
## HTTP Authentication:
#br.add_password(loginurl, basicauth_user, basicauth_pwd)
r = br.open(loginurl)
except mechanize.URLError, err:
print "CRITICAL - Unable to open URL " + loginurl
sys.exit(STATE_CRITICAL)
# Attempt to carry out a login
try:
# Grab our login form
br.select_form(name=wp_loginform)
except mechanize._mechanize.FormNotFoundError, err:
print "CRITICAL - Cannot find login form name '"+ wp_loginform + "'"
sys.exit(STATE_CRITICAL)
try:
br.form[wp_field_username]=username
except mechanize._form.ControlNotFoundError, err:
print "CRITICAL - Cannot find user field form name '"+ wp_field_username + "'"
sys.exit(STATE_CRITICAL)
try:
br.form[wp_field_password]=password
except mechanize._form.ControlNotFoundError, err:
print "CRITICAL - Cannot find password field form name '"+ wp_field_password + "'"
sys.exit(STATE_CRITICAL)
# Assign the form submission to a variable. This allows us to inspect HTTP Status codes etc (result.code==200)
result = br.submit()
# See what the server sent us back
html = br.response().read()
# Now check if what we logged in, if so, take us to the updates page to check there:
if not "login_error" in html:
try:
updateurl = 'https://' + host + '/wp-admin/update-core.php' if usehttps else 'http://' + host + '/wp-admin/update-core.php'
r = br.open(updateurl)
except mechanize.URLError, err:
print "CRITICAL - Unable to open URL " + updateurl
sys.exit(STATE_CRITICAL)
updatepage = r.read()
if "An updated version of WordPress is available." in updatepage:
print "CRITICAL - WordPress core upgrade available!"
sys.exit(STATE_CRITICAL)
elif "The following plugins have new versions available." in updatepage:
print "WARNING - WordPress plugin upgrades available"
sys.exit(STATE_WARNING)
elif "The following themes have new versions available." in updatepage:
print "WARNING - WordPress theme upgrades available"
sys.exit(STATE_WARNING)
elif "Update Translations" in updatepage:
print "WARNING - WordPress translation upgrades available"
sys.exit(STATE_WARNING)
print "OK - No messages about upgrades located"
sys.exit(STATE_OK)
else:
print "CRITICAL - Unexpected string found in response - unsuccessful login?"
sys.exit(STATE_CRITICAL)
# We shouldn't get here. But in case we do - exit cleanly
print "UNKNOWN - Reached the end of the script somehow?"
sys.exit(STATE_UNKNOWN)