Enable /status and /ping for php-fpm

[naresh-kumar-babu]

Partial fix for #388

[jeffw16]

Is this accessible to the general public? Or is it an internal route?

[yaronkoren]

I'm guessing it's open to the public... but does it matter?

[jeffw16]

In theory, only synthetic monitors should have access to heartbeat endpoints, not the general public. It's best to find a way to prevent bad actors from being able to access this endpoint.

[yaronkoren]

@vedmaka or @pastakhov - any thoughts on this? This came from your code. Is enabling /status and /ping a potential security issue, and if so, how can it be resolved?

[jeffw16]

I withdraw my concern as it seems like it's working just fine for WikiTeq over the past several months. We should ideally add an option for a firewall for these endpoints in the future. I'll go ahead and give my approval.

[jeffw16]

After discussion at the last meeting, we decided we should hold off on this until we have some clarity about adding a firewall if needed. Rescinding my approval for now. Sorry :(