HTTPs is becoming the “default” for any website whether it is a blog, portal, e-commerce or corporate one.
However, a website with an SSL certificate requires an extra layer of monitoring, “making sure the SSL works as expected”, as a certificate:
- can expire
- can produce errors (host mismatch, use insecure protocols like SSLv3..).
Introducing SSL monitoring
The Pro Plan now monitors such cases and lets you know:
- when the SSL certificate has errors including:
- host mis-match
- forcing insecure protocol (like SSLv2 or SSLv3)
- and when the SSL certificate is getting close to expiry date (when 30, 15, 7 and 1 day is left) so that you can renew it in advance.
Note: “mixed-content SSL warnings and revoked certificates” are currently not supported.
The feature is available by default for all HTTP and keyword monitors whose URLs start with “https”.
Customizing its usage
It is possible to:
- disable SSL monitoring and/or “ignore SSL errors” for selected monitors from the “Add/Edit Monitor dialogs”. This is handy if the website uses a self-signed certificate.
- choose which alert contacts will get “SSL expiry notifications” from the “My Settings>Alert Contacts>Add/Edit Alert Contact dialogs”.
- By default, all alert contact types except “SMS, mobile Push, Pushbullet, Boxcar and Pushover” are enabled considering they are non-intrusive.
Important info: The feature will become active by 20 September 2017 to make sure any customization can be performed in advance.
Excited to have this feature being available and hope that it helps for a better uptime :).
Update (24 Oct 2017)
Thanks to all the feedback received, we have applied a set of updates to make sure that this feature is easy-to-use and functional for everyone:
- a certificate being self-signed is no more a reason for it to be detected as “down”
- monitors with IP-based URLs (like https://184.108.40.206) are not checked for SSL errors
- expiration notifications for certificates by Let’s Encrypt and Cloudflare are only triggered if 3 days or less are left for expiry as these certificates are mostly auto-renewed close to the expiry date.
- ssl settings for all monitors can be changed in bulk using the bulk actions dialog (can be found just under the “Add Monitor button”).
Cloudflare is an impressive service/platform for securing and speeding-up websites.
If you use Cloudflare and have a “status page with a custom-domain” in Uptime Robot, “there may be a small configuration needed” to make sure things work smooth.
Who needs the custom configuration?
If the 3 items below match your case, then the custom config is needed:
- Use Cloudflare as your domain’s DNS provider
- Have a status page with custom domain in Uptime Robot
- Have the “Crypto” setting as “Flexible” in Cloudflare
How to make the custom config?
That is so easy:
- Login to your Cloudflare account
- Click the domain of your status page
- Click “Page Rules>Create Page Rule”
- Enter *MyStatusPageCustomDomain* (like *status.mydomain.com*) into “If the URL matches” field
- Click “Add Setting>SSL>Full”
- Click “Save and Deploy”
- That’s it.
And, here is a screenshot of the setting: