Hi All,

I just recently found that Health Probe Checking exposes the internal servername along with 200 OK response.

This happen even when I have Reverse Proxy in-place which is suppose to hide our internal servers. I could say its kind of similar situation wherein we have internal servernames in email headers.

I'm concerned in this case, as all this happens without any authentication, from any device, from any network.

Health Probe Checking

To ensure that load balancers do not route traffic to a Client Access server that Managed Availability has marked as offline, load balancer health probes must be configured to check <virtualdirectory>/healthcheck.htm (e.g., https://mail.contoso.com/owa/healthcheck.htm). Note that healthcheck.htm does not actually exist within the virtual directories; it is generated in-memory based on the component state of the protocol in question.

https://mail.contoso.com/owa/healthcheck.htm

200 OK
CO2PRxxCA0xx.0xxA.MGD.MSFT.NET

NOTE- I have replaced some chars with 'xx'

How do we tell Managed Availability not to expose the servername or edit the information being disp

Hi,

Basis on the Microsoft document, open healthcheck.htm in browser and if you get a 200 response ( assuming the health probes are active), then you know you are using the correct URLs.

It may be caused by the mechanism for load balancer works, there are 2 different mechanisms the load balancer can use to determine instance health and whether or not to include that instance in the round robin rotation and send new traffic to it. For you reference:
1. The default mechanism is that the load balancer sends probes to the Guest Agent to request the instance health.  If the Guest Agent returns anything besides 'Ready' then the load balancer will mark that instance as unhealthy and remove it from the rotation.  Looking back at the heartbeats from the guest agent to the host process, this means that if any of those processes running in the Guest OS has crashed or hung then the guest agent will not return Ready and the instance will be removed from the LB rotation.
2. The other mechanism is for you to define a custom LoadBalancerProbe in your service definition.  A LoadBalancerProbe gives you much more control over how the load balancer determines instance health and allows you to more accurately reflect the status of your service, in particular the health of w3wp.exe and any other external dependencies your service has.  Make sure your probe path is not a simple HTML page, but actually includes logic to determine your service health.

Thanks

Hi Allen,

Thank you for your response. This definately works and has lots of benefits associated. If we put aside LoadBalancers and consider  an environment where there is no loadbalancers or Reverse Proxies, single CAS+MBX.

I'm looking at a more security aspect of this feature.

"open healthcheck.htm in browser and if you get a 200 response " I can open any organization's URL without requiring the username password.

Eg.

https://mail.office365.com/owa/Healthcheck.htm

200 OK
BN3PR0301CA0014.NAMPRD03.PROD.OUTLOOK.COM

https://outlook.cornell.edu/owa/healthcheck.htm

200 OK
BLUPR18CA0028.NAMPRD18.PROD.OUTLOOK.COM

https://mail.ufl.edu/owa/healthcheck.htm

200 OK
EXMBXPRD02.AD.UFL.EDU

All works, without asking me anything.

I'm concerned in this case, as all this happens without any authentication, from any device, from any network.

How do we tell Managed Availability not to expose the servername or edit the information being displayed.