Frequently Asked Questions

How do I get access to beta-webmon?

beta-webmon is currently invitation-based. You'll need an invitation link to create an account. If you don't have one, please contact us to request access.

How do I get started after receiving an invitation?

Click the invitation link you received, create your account, and you'll be taken to your dashboard. From there, you can add your first website to monitor and configure your alert preferences. You'll start receiving notifications within minutes if any issues are detected.

Do I need to install anything on my website?

No installation is required. beta-webmon monitors your website externally by checking it at regular intervals from our global network. Simply provide your website URL, and we'll take care of the rest.

What types of websites can I monitor?

You can monitor any publicly accessible website using HTTP or HTTPS. We support monitoring for uptime, response time, SSL certificates, DNS resolution, and keyword presence on pages.

What are the different plan tiers?

We offer three tiers:

• Starter: Up to 5 monitors, 10-minute intervals, HTTP & keyword monitoring, email alerts
• Professional: Up to 25 monitors, 1-minute intervals, plus SSL & DNS monitoring, Telegram alerts, public status page
• Expert: Up to 100 monitors, 1-minute intervals, all features including priority support

What types of monitoring are available?

We currently support:

• HTTP Monitoring: Check website uptime and response time
• Keyword Monitoring: Ensure specific content is present or absent on pages
• SSL Monitoring: Track certificate expiry dates (Pro & Expert)
• DNS Monitoring: Verify DNS resolution from multiple providers (Pro & Expert)
• Security Monitoring: Scan for malware and threats using Google Safe Browsing and VirusTotal

How quickly will I be notified of downtime?

Notification speed depends on your check interval. Starter plans check every 10 minutes at minimum, while Professional and Expert plans can check as frequently as every 1 minute. Alerts are sent immediately when multiple consecutive failures are detected to avoid false positives.

What happens when my website goes down?

When we detect an issue, we verify it with multiple consecutive checks to avoid false positives. Once confirmed as down, you'll receive immediate alerts through your configured notification channels (email or Telegram).

You'll also see the incident logged in your dashboard with detailed information about the downtime, including duration and response codes.

What notification methods are available?

We support multiple notification channels:

• Email: Receive alerts via email (available on all plans)
• Telegram: Get instant notifications through Telegram Bot
• In-App Notifications: Bell icon in navigation shows alerts in real-time
• Push Notifications: Browser notifications even when WebMon is closed

Can I customize alert notifications?

Yes! You can configure notification preferences including alert cooldown periods to prevent spam, slow response thresholds, and which types of alerts you want to receive (down, up, slow response, SSL expiry warnings).

Can I monitor SSL certificate expiration?

Yes, SSL certificate monitoring is available on Professional and Expert plans. We'll alert you when your certificate is approaching expiration (configurable warning threshold), giving you plenty of time to renew it.

Can I monitor domain registration and expiry?

Yes! WebMon automatically retrieves WHOIS information for your monitored domains, including:

• Registration and expiry dates with countdown warnings
• Registrar information
• Nameserver configuration
• Contact details (when not privacy-protected)

You'll receive notifications when your domain is approaching expiration, giving you time to renew.

Do you monitor from multiple locations?

Yes, we monitor using Cloudflare's global network, which provides checks from multiple regions worldwide. This ensures your site is accessible globally and helps identify regional issues.

Can I create a public status page?

Yes! You can create a public status page that shows your monitored services to your customers. You can customize which monitors to display, add password protection, and control what information is visible.

Can I import multiple monitors at once?

Yes! You can bulk import monitors using CSV, JSON, or plain text formats. Simply upload your file with the URLs you want to monitor, and we'll create them all at once.

Can I export my monitoring data?

Yes, you can export your check history and statistics in CSV format at any time. This includes uptime percentages, response times, and check results.

How far back is monitoring history stored?

Check history retention varies by plan:

• Starter: 7 days of check history
• Professional: 90 days of check history
• Expert: 365 days of check history

Can I monitor DNS resolution?

Yes! DNS monitoring is available on Professional and Expert plans. It checks resolution from multiple DNS providers (Cloudflare, Google, Quad9, OpenDNS, and AdGuard) to ensure your domain resolves correctly across different networks.

Can I check for specific keywords on my pages?

Yes, keyword monitoring allows you to verify that specific text appears on your pages. This is useful for ensuring content is displaying correctly or that certain offers/products are live.

What technology stack information can I see?

Our HTTP monitoring detects and displays information about the technologies powering your website, including web servers, frameworks, and other detectable components.

Can I organize my monitors with tags?

Yes! Tags help you organize and categorize your monitors for easier management. You can:

• Create custom tags with your own colors
• Assign multiple tags to each monitor
• Filter monitors by tags on your dashboard
• Filter statistics and reports by tags
• Group by environment (Production, Staging, Dev)
• Organize by client, project, or service type

Tags make it easy to manage large numbers of monitors and quickly find the ones you need.

How does security monitoring work?

We offer optional security scanning through two industry-leading services:

• Google Safe Browsing: Checks if your site is flagged for malware, phishing, or unwanted software
• VirusTotal: Scans your URL across multiple antivirus engines and security databases

To use these features, you'll need to provide your own API keys in your security settings. We'll alert you immediately if any threats are detected.

What is Content Security Scan?

Content Security Scan is a free, built-in security feature that analyzes your page content for signs of compromise, phishing, or malicious modifications. Unlike API-based security services, this runs every check cycle at zero additional cost.

It detects:

• Google Ban Warnings: Text like "Deceptive site ahead" that may appear if your site is flagged
• Hack/Defacement: "Hacked by", "Site compromised", or attacker signatures
• Hosting Warnings: "Account suspended", "Terms of service violation" notices
• Phishing Indicators: Credential harvesting attempts, fake login forms
• Fake Security Alerts: "Virus detected", scareware tactics

Each pattern adds points to a threat score (0-100). Scores 0-19 are clean, 20-49 trigger a warning, and 50+ indicate a threat. You can whitelist false positives. Learn more

Can I pause notifications temporarily?

Yes! You can pause notifications for any monitor without stopping the monitoring itself. This is useful during planned maintenance or when investigating an issue.

Pause options include:

• Timed: Pause for 1, 4, 8, 12, or 24 hours
• Until Recovery: Automatically resume when the monitor comes back up
• Indefinite: Pause until you manually resume

You can also pause directly from alert emails using the quick-pause link.

Can I upgrade my plan?

Yes, you can request a plan upgrade through your dashboard. Submit a request explaining your needs, and we'll review and process it promptly.

How is my data protected?

We take security seriously and implement multiple layers of protection:

• All data encrypted in transit using modern TLS encryption
• Sensitive data (API keys, tokens) encrypted at rest in the database
• Passwords hashed using industry-standard algorithms with individual salts
• Two-factor authentication available for all accounts
• Comprehensive audit logging of security-sensitive actions
• Rate limiting on authentication and sensitive endpoints
• Security headers (CSP, HSTS, X-Frame-Options) on all responses
• Regular security audits and updates

We follow OWASP best practices and industry standards for secure application development.

Can I manage multiple sessions?

Yes, you can view all your active sessions and revoke access from specific devices if needed. This helps you maintain security across all your logged-in devices.

Can I change my email address?

Yes, you can request an email change from your profile settings. We'll send a verification link to your new email address to confirm the change.

How do I enable two-factor authentication?

To enable 2FA for enhanced account security:

1. Go to your Profile Settings and navigate to the Two-Factor Authentication section
2. Click "Enable Two-Factor Authentication"
3. Scan the QR code with your authenticator app (Google Authenticator, Authy, 1Password, Microsoft Authenticator, etc.)
4. Enter the 6-digit code from your app to confirm setup
5. Save your recovery codes in a secure location - you'll need these if you lose access to your authenticator app

Once enabled, you'll be prompted for a code from your authenticator app each time you log in.

What are recovery codes and when do I use them?

Recovery codes are single-use backup codes that allow you to access your account if you lose access to your authenticator app. You receive 8 recovery codes when you enable 2FA.

Important: Store these codes securely (password manager, encrypted file, or printed in a safe place). Each code can only be used once.

If you lose access to your authenticator app, click "Use a recovery code instead" on the 2FA login screen and enter one of your recovery codes. You can regenerate new recovery codes from your profile settings at any time.

What security features protect my account?

Your account is protected by multiple security layers:

• Two-Factor Authentication: Optional TOTP-based 2FA for enhanced login protection
• Email Verification: Required verification to ensure account ownership
• Password Security: Strong password requirements and regular security recommendations
• Rate Limiting: Protection against brute-force attacks on sensitive endpoints
• Session Management: View and revoke active sessions from any device
• Audit Logging: All security-sensitive actions are logged with timestamps and IP addresses
• API Key Encryption: Third-party API keys are encrypted at rest in the database
• Secure Communication: All data transmitted using modern TLS encryption

What is audit logging and what events are tracked?

Audit logging provides a complete history of security-sensitive actions on your account. You can view your audit log from your Profile Settings.

Tracked events include:

• Login attempts and successful logins
• Two-factor authentication events (enabled, disabled, challenged)
• Recovery code regeneration
• Password changes
• Email address changes
• Security settings modifications
• Session management actions

Each log entry includes the timestamp, IP address, and user agent for complete traceability.

What is the notification center?

The notification center (bell icon in the navigation) shows your recent alerts and updates in real-time. It displays security threats, domain warnings, bug report updates, and more without needing to check email.

The badge number updates automatically every 60 seconds, and clicking a notification takes you directly to the relevant page.

How do push notifications work?

Push notifications deliver alerts directly to your browser even when you're not on WebMon. When enabled, you'll receive pop-up notifications for important events.

To enable: Go to Profile > Alert Settings > Push Notifications and toggle it on. Your browser will ask for permission - click "Allow" to start receiving notifications.

Why am I not receiving push notifications?

Common reasons and solutions:

• Browser notifications may be blocked - check your browser's site settings
• "Do Not Disturb" mode may be enabled on your device
• The push toggle in Alert Settings may be disabled
• Try disabling and re-enabling push notifications
• Ensure your browser supports push notifications (Chrome, Firefox, Edge, Safari)

Can I get notifications for bug report updates?

Yes! When there's activity on your bug reports (status changes, admin comments), you'll receive notifications through email and the in-app notification center. Look for the bell icon badge to see unread updates.

How do I customize which alerts I receive?

Go to Profile > Alert Settings to configure:

• Enable/disable email, Telegram, and push notifications
• Choose which events trigger alerts (down, up, slow response, SSL expiry)
• Set performance thresholds for response time and TTFB
• Configure cooldown periods to prevent notification spam
• Select which HTTP error codes to monitor

How can I get help?

Multiple ways to get support:

• Help Center: Browse articles in our Help Center
• Bug Reports: Submit issues directly from your dashboard under "Bug Reports"
• Contact Form: Reach us via our contact form

How do I report bugs or request features?

Use the built-in Bug Reports system:

1. Click your name in the navigation
2. Select "Bug Reports"
3. Click "Report a Bug"
4. Choose the type (Bug, Feature Request, Improvement, Question)
5. Fill in the details and optionally attach screenshots

You'll receive notifications when there are updates to your reports.

Do you have documentation?

Yes! Our Help Center contains guides on all WebMon features including getting started, monitoring setup, alert configuration, security features, and account management.

Do you send updates or newsletters?

Yes, we send periodic updates about new features, improvements, and bug fixes. These include statistics on bug reports resolved and highlights of recent enhancements to the platform.