SYSSY checks your website for availability several times an hour, around the clock. The number of monitoring sessions depends on various factors, which is why monitoring does not take place at completely regular intervals.
It simulates access via a browser and checks whether your websites are accessible. If a website cannot be reached on the first attempt, several attempts are made in succession to check whether the website really has an error. If no positive result is achieved after 3 attempts, an alert is created and you will be notified if you have set it.
You can also perform manual remonitoring at any time. You can see the button to start the process at the top right of the project dashboard.
What types of monitoring are available?
There are different types of monitoring to which your website is subjected by SYSSY:
- HTTP monitoring
- Performance monitoring
- Server monitoring
- CMS monitoring
- Plugin/extension monitoring
- SEO monitoring
- GDPR check
1. HTTP Monitoring
HTTP monitoring checks your website for availability, i.e. whether SYSSY can access your website and whether the HTTP response code is 200 (OK). If your website returns a different response code, e.g. because an error occurs, the website cannot be found or a redirect has been detected, the website is checked again. If the new check also fails, an alert is created after several checks. The website continues to be monitored and if the website is accessible again at a later point in time, the alert is automatically set to “resolved”. Monitoring is currently carried out from Germany.
There are basically the following statuses, shown in traffic light colors:
- green: Status 200 (OK)
- orange: status 3xx (redirect)
- red: Status 4xx (Not found, Forbidden ...) or 5xx (Server Error)
2. Performance Monitoring
In performance monitoring, we check your website with Google Lighthouse. This check is essentially the same as the PageSpeed Insights check (https://pagespeed.web.dev/), but is carried out directly via the Lighthouse API. The values displayed in SYSSY correspond to the mobile check in PageSpeed Insights.
The performance check is not carried out as often as an HTTP check, but is performed every few days.
In the monitoring list, you can see the most important values (load time, page size, performance score) for all your projects at a glance. There is a detailed view of the monitoring for each project under “Project” -> “Performance Information” and also a history under “Monitoring” -> “Performance Monitoring”
3. Server Monitoring
During server monitoring, SYSSY primarily checks your PHP and MySQL version for current status and security gaps. The version numbers are checked to see whether they are out of date and whether there is a security update for them. If insecure versions are detected, an alert is created and you receive information so that you can take care of it. If an update is detected, automatic documentation entries are created and if security vulnerabilities are fixed by an update, the alerts are automatically marked as “resolved”.
The traffic light colors are also used here:
- green: The version is secure
- orange: There is an update, but not a security-relevant one
- red: A security update is available, but the version used is not secure
For the HTTP version, orange stands for an outdated version, e.g. if HTTP 1 and not HTTP 2 is used.
For the port, orange indicates a non-encrypted port, e.g. if port 80 and not 443 is used.
The following points are checked:
- PHP version
- MySQL version
- HTTP version
- port
Information on the host and IP address is also provided.
The server monitoring is a current status that is not saved in the history.
Attention: Server monitoring only works if you have connected your CMS with plugin/extension to SYSSY!
Tip: If you only run websites on rented web spaces and do not have your own server, you cannot normally influence the security updates of PHP and MySQL versions. In this case, you can ignore the alerts so that you are not bombarded with alerts that you can't do anything about anyway. The situation is of course different for major updates, which you usually have to carry out manually in the web space. If a PHP version is End Of Life and is no longer supplied with security updates, there is a separate alert for this.
4. CMS Monitoring
With CMS monitoring, SYSSY retrieves information from your CMS (e.g. WordPress or TYPO3) at regular intervals. One of the most important pieces of information is the version of the CMS itself. The version is checked by SYSSY for security vulnerabilities by comparing your version with known security vulnerabilities. If a security vulnerability is detected, an alert is created. This alert is automatically set to “resolved” when the CMS is updated.
The traffic light system is used here again for a better overview:
- green: CMS is up to date
- orange: There is an update, but it is not security-relevant
- red: There is a security update for this version
Attention: CMS monitoring only works if you have connected your CMS to SYSSY with a plugin/extension!
5. Plugin/Extension Monitoring
With plugin/extension monitoring, all installed plugins or extensions in your CMS are checked for security vulnerabilities. This works by SYSSY retrieving a list of all plugins/extensions from your CMS and checking the versions used for security vulnerabilities. If security vulnerabilities are detected, an alert is created and you are notified. If updates are detected, the alerts are automatically marked as “resolved”.
Attention: Plugin monitoring only works if you have connected your CMS with plugin/extension to SYSSY!
6. SEO Monitoring
SEO monitoring checks the start page of your website for specific SEO content at different intervals. Various meta tags, as well as XML sitemap, robots.txt and H1 are checked and saved in SYSSY. This gives you an overview of all projects on the one hand and a detailed view for each individual project on the other.
7. GDPR Check
The GDPR check checks whether the website loads external scripts or tracking pixels that are not secured via a cookie banner.
The following tracking pixels are checked:
- Google Fonts
- Google Maps
- Google Analytics
- Google Tagmanager
- Google ReCaptcha
- Youtube
- Vimeo
Externally loaded scripts are also recognized.
If non-GDPR-compliant content is detected, an alert is created.
The GDPR check is carried out continuously in the background, but can also be started manually. There is a “GDPR check” button at the top right of the project dashboard. When the button is clicked, a check is carried out immediately and the result is displayed after a short waiting time.
