🚀 SecureCheap is live — Start free →
Monitoring
Uptime & HTTP Checks

Uptime & HTTP Checks

How checks work

Every monitor check follows this sequence:

1. DNS resolution (measured separately)
2. TCP handshake
3. TLS handshake (HTTPS)
4. Send HTTP request
5. Read first byte (TTFB)
6. Read full response body
7. Keyword match (if configured)
8. Record: status code, total time, TTFB, TLS grade

All timing phases are stored individually so you can diagnose where latency comes from.

Response time breakdown

PhaseMetricWhat it tells you
DNSdns_msSlow → bad TTL, wrong resolver
TCP connectconnect_msSlow → server overload, routing
TLStls_msSlow → heavy cert chain, no session resumption
TTFBttfb_msSlow → slow app, no caching
Transfertransfer_msSlow → large payload, no compression
Totalduration_msEnd-to-end user experience

SSL / TLS grading

We grade SSL using the same methodology as SSL Labs:

GradeCriteria
A+TLS 1.3 only, HSTS, perfect forward secrecy, OCSP stapling
ATLS 1.2+, strong ciphers, no known vulnerabilities
BTLS 1.2+ but some weak ciphers or missing HSTS
CSupports TLS 1.0 or weak DH parameters
FCritical vulnerability (Heartbleed, POODLE, etc.) or expired cert
⚠️

Certificates expiring in < 14 days trigger an alert regardless of grade.

Keyword monitoring

You can require a string to be present (or absent) in the response body:

Keyword: "status":"ok"       → present
Keyword: "maintenance mode"  → must be absent

Useful for:

  • Health check endpoints that return JSON
  • Pages that should not show error messages
  • Detecting when a WAF injects a block page

HTTP headers check

SecureCheap checks for the following security headers on every HTTP monitor:

HeaderExpected
Strict-Transport-Securitymax-age≥31536000
X-Content-Type-Optionsnosniff
X-Frame-OptionsDENY or SAMEORIGIN
Content-Security-PolicyAny value present
Referrer-PolicyAny value present

Missing headers contribute to your Security Score.