Skip to content

Enable Monit SSL

Posted in Server

‘Why would I need to enable Monit SSL?’, you ask. Yep, you need SSL for Monit, because if you have authentication enabled, then it means sending your username and password credentials over the air or wire without encryption means even the chicken in Moana could easily intercept and readily figure out your plaintext credentials.

You don’t want that happening, because, if you’ve enabled start, restart, and stop of perhaps your Nginx or MySQL or PHP FPM, you don’t want someone going into your Monit dashboard to turn off your Nginx, for instance.

By default, SSL can be enabled on Monit in the monit configuration file, as indicated in this documentation.

However, like me, if you have Nginx sitting in front of every request going into your server, you probably are using Nginx as a proxy to the localhost running process of Monit.

If that’s you, then enabling at the Monit configuration level might just not be necessary.

Here’s a basic configuration to proxy requests via Nginx to your Monit, adapted from the docs as well:

As usual, the include /etc/nginx/ssl/globalssl.conf will point to the configuration file holding your SSL info.

My globalss.conf file contains something like this:

With that said, you restart your Nginx, and you’re good to go with an SSL enabled Monit.

Remember, 2017 is the year to SSL #HTTPS everything!