plugin-icon

AVAR Server Monitor

Por AVAR·
Privacy-first WordPress monitoring: uptime, SSL, cron and server checks, a Site Health score and an alert center, plus login protection.
Versão
1.10.0
Instalações ativas
10
Última atualização
Jul 8, 2026
AVAR Server Monitor

AVAR Server Monitor is a privacy-first WordPress health dashboard, uptime monitor, server diagnostics and security insight toolkit built directly into wp-admin.

It helps WordPress administrators understand whether their site is technically healthy, available, secure and running on a reliable server environment — without requiring an external SaaS account.

Instead of showing scattered technical data across multiple places, AVAR Server Monitor brings the most important signals into one clear dashboard: uptime, SSL status, PHP and database health, server resources, WP-Cron, an alert center, security checks, activity log, 404 monitoring, diagnostic exports, database maintenance and more.

Know what is wrong before visitors notice

WordPress sites often break quietly.

A cron task stops running. An SSL certificate gets close to expiration. The database grows. Debug errors are exposed. A plugin update changes something important. A server starts running out of memory. A backup directory may be exposed. A WooCommerce store accumulates technical clutter.

AVAR Server Monitor helps you spot these problems early and decide what needs attention first.

Site Health Score

The main dashboard includes a 0–100 Site Health Score that summarizes the technical condition of your WordPress site.

The score is based on weighted categories:

  • Core & Updates
  • Server Environment
  • Security Posture
  • Reliability & Monitoring
  • Performance & Storage

The score is not just a decorative number. It includes top issues, recommendations, action links and severity caps for critical problems.

For example, if a monitored domain is down, an SSL certificate has expired or a snapshot directory is publicly accessible, the score is capped so the site does not appear healthier than it really is.

Monitoring and diagnostics in one place

AVAR Server Monitor includes practical tools for everyday WordPress administration:

  • Alert Center that turns downtime, SSL expiry, Health Score drops, stalled cron, integrity failures, new PHP fatal errors and a filling disk into one incident timeline (with optional email and automatic diagnostic snapshots).
  • External heartbeat / dead-man’s switch that pings a URL you control so full outages are still detected.
  • PHP error monitoring with fatal/warning trends and instant alerts on new fatal errors.
  • Health Score history and per-domain response-time trends.
  • Storage growth monitoring: largest database tables, uploads size and a disk-full projection.
  • Uptime monitoring for one or more domains.
  • SSL certificate checks and expiration warnings.
  • WP-Cron monitor with overdue event detection.
  • Server resource overview with CPU, memory, disk and database information.
  • WordPress environment overview with versions, plugins, themes and updates.
  • Health Advisor for PHP, database, extensions, cache and connectivity checks.
  • Security audit for HTTPS, debug exposure, file editor status, readme.html, REST API, XML-RPC and login hardening.
  • Core file integrity scan against official WordPress.org checksums.
  • Activity Log for important plugin, theme, update, user and login events.
  • 404 monitor for frequently requested missing URLs.
  • Email alerts for downtime, version changes, resource thresholds and summaries.
  • Diagnostic snapshots for troubleshooting and support.
  • Safe Client Health Report for communicating technical status to clients or hosting support.
  • Database cleanup preview with risk labels, impact descriptions and confirmation flow.
  • Maintenance / coming-soon mode with a customizable page (background colour, gradient or image, logo and text colour), live preview, countdown and role-based bypass.

Login security and access control

AVAR Server Monitor includes a built-in login security layer, so you can harden wp-admin without adding a separate plugin:

  • Brute-force protection with escalating lockouts, an IP allowlist and blocklist (CIDR and wildcard support) and manual block/unblock of active lockouts.
  • A persistent, paginated login attempt log with per-IP statistics: failed attempts, incidents, lockouts and successful sign-ins, plus top attacking IPs and most-targeted usernames.
  • A login CAPTCHA on the login, registration and lost-password forms — a privacy-first self-hosted math question with honeypot by default, or optional Cloudflare Turnstile, Google reCAPTCHA v2 or hCaptcha with your own keys.
  • An optional custom login URL that serves the login page from a secret slug and returns 404 for the default wp-login.php.

These features run locally and require no external account; CAPTCHA providers are contacted only if you explicitly choose one.

Part of the AVAR Tools family

AVAR Server Monitor works perfectly on its own with its own top-level menu.

When another AVAR Tools plugin (such as AVAR Media Optimizer) is also active, they automatically share a single “AVAR Tools” admin menu with a common dashboard, so related tools live together instead of scattering across wp-admin. All existing page URLs stay the same either way.

Privacy-first approach

AVAR Server Monitor is not an external monitoring SaaS platform.

Most features run locally inside your WordPress installation. The plugin does not require an AVAR cloud account and does not send local health reports, diagnostic snapshots or server data to AVAR servers.

Some features may connect to public external services only when needed, such as the WordPress.org API for checksums and version information, or geolocation providers for server location lookup.

Built for safety

Because monitoring and diagnostics can touch sensitive areas, AVAR Server Monitor includes a dedicated Advanced Tools safety model.

Higher-risk tools are locked by default and require explicit activation.

Advanced Tools include features such as:

  • Diagnostic snapshots.
  • Full phpinfo().
  • wp-config.php debug switches.
  • Cron run/unschedule actions.
  • Database cleanup.
  • Table optimization.
  • Force HTTPS.
  • HSTS.
  • Selected exports and filesystem operations.

Sensitive actions use capability checks, nonces, confirmations, safety warnings and safer defaults where appropriate.

Safer HTTPS and HSTS handling

Force HTTPS and HSTS are not simple checkboxes.

They are enabled through protected safety flows with pre-flight checks, host validation and typed confirmation for HSTS includeSubDomains.

This reduces the risk of locking yourself out of the site or accidentally applying strict HSTS rules to subdomains that are not ready for HTTPS.

Database cleanup with preview

Database cleanup can be useful, but it should never feel like a blind “delete everything” button.

AVAR Server Monitor analyzes cleanup candidates first and shows what can be removed, the risk level and the likely impact.

Riskier actions require typed confirmation. Revision cleanup supports retention rules. WooCommerce content in Trash is detected and order-like records are excluded unless explicitly selected.

The plugin uses WordPress APIs where appropriate, such as when deleting posts and comments, so other plugins and WordPress hooks can respond correctly.

Diagnostic snapshots

Diagnostic snapshots are designed for troubleshooting, support and quick technical review.

They use private storage by default when possible, long random archive names, self-healing protection files, public-access checks and safer file exclusions.

Snapshots are a diagnostic aid, not a replacement for a full disaster recovery backup strategy. For complete recovery protection, use hosting-level backups or a dedicated backup plugin.

Who is AVAR Server Monitor for?

AVAR Server Monitor is useful for:

  • WordPress administrators who want a clear technical overview.
  • Freelancers maintaining client websites.
  • Small agencies managing business sites.
  • WooCommerce store owners who want to catch technical risks early.
  • Website owners who want monitoring without an external SaaS account.
  • Developers who need quick diagnostics inside wp-admin.
  • Support teams that need safe technical reports from clients.

What makes it different?

Many tools focus on only one area: uptime, backups, security, debugging, logs or server information.

AVAR Server Monitor focuses on the practical day-to-day question most WordPress administrators have:

“Is this site technically healthy, and what should I check first?”

It combines health scoring, monitoring, security checks, cron visibility, diagnostics, reports and safer maintenance tools into one privacy-first WordPress dashboard.

Typical use cases

Use AVAR Server Monitor to:

  • Check whether your site is currently healthy.
  • Monitor uptime and SSL status.
  • See if WP-Cron is running correctly.
  • Review PHP, database and server environment health.
  • Detect security configuration issues.
  • Track important plugin/theme/update activity.
  • Find repeated 404 requests.
  • Export a safe client or support report.
  • Review database cleanup candidates before deleting anything.
  • Create a diagnostic snapshot for troubleshooting.
  • Understand which issues deserve attention first.

Important note

AVAR Server Monitor provides monitoring, diagnostics and safety-focused maintenance tools. Some Advanced Tools can change configuration, delete data or access sensitive diagnostic information.

Read warnings carefully, keep regular backups and test higher-risk actions on staging sites whenever possible.

External services

AVAR Server Monitor may connect to external services only for specific features:

  • WordPress.org API (api.wordpress.org) — used for WordPress core checksums, plugin/theme information and version-related checks.
  • Geolocation providers (only when server location lookup is enabled, and only the provider you select) — ip-api.com (https://ip-api.com/, free lookup, no key) or MaxMind GeoLite (https://www.maxmind.com/, requires your own account and license key). The provider receives the server’s IP address. The default “Anonymous” provider is fully local and contacts no external service.
  • The monitored site URLs — used by the uptime monitor to check availability of configured domains.
  • Your external heartbeat endpoint (only if you enable the heartbeat) — the plugin periodically sends an HTTP request to the URL you configure (for example healthchecks.io, Cronitor or Uptime Kuma), so your external monitor can detect a full outage. No site data is included in the ping.
  • CAPTCHA providers (only if you choose one) — Cloudflare Turnstile, Google reCAPTCHA or hCaptcha receive the challenge token and visitor IP to verify a login/registration attempt. The default self-hosted math + honeypot CAPTCHA uses no external service.

The plugin does not require an AVAR cloud account and does not send diagnostic snapshots or local health reports to AVAR servers.

Freeem planos pagos
Ao instalar, você concorda com os Termos de Serviço do WordPress.com e com os Termos do plugin de terceiros.
Testado até
WordPress 7.0
Esse plugin está disponível para download para o seu .