Uptime monitoring for a WordPress plugin with a SaaS backend

Q: Should StillOnline monitor my WordPress site or my SaaS API for a plugin product?

Monitor the SaaS API health URL — that is what license checks, sync, and paid features call. WordPress admin and admin-ajax.php are poor probe targets (API-only guide).

Q: Why does StillOnline alert when wp-admin still loads?

You may be checking the wrong URL. Admin can return 200 while api.yourplugin.com is down. Point the check at the API /health endpoint (quickstart).

Q: How fast does StillOnline alert on API downtime?

After two consecutive failed probes. On Free with a 5-minute interval, that is roughly 10 minutes from the first failure — false positive tuning.

Q: Does StillOnline integrate as a WordPress plugin?

No. StillOnline is an external HTTP monitor and hosted status page. Add a health route on your API and register that HTTPS URL in the dashboard — same pattern as any API-first SaaS.

Popular WordPress plugins — SEO suites, form builders, backup tools — ship PHP in wp-content/plugins/ but call a remote SaaS API for AI, sync, licensing, or analytics. Your site can show green in wp-admin while the API integrators depend on is down.

External uptime monitoring must hit the SaaS backend, not yoursite.com/wp-admin or admin-ajax.php. StillOnline runs scheduled HTTP GET checks from the public internet and pairs them with a status page plus owner alerts (email, Telegram bot, or Slack).

Quick answer

Register StillOnline on your SaaS API GET /health or /api/health — not WordPress admin or admin-ajax.php. The WordPress REST API is for on-site routes; your cloud API lives on a separate host (e.g. api.yourplugin.com). Free probes every 5 minutes and alerts after two consecutive failures (~10 minutes). On shared hosting, avoid monitoring the WP site root — CPU throttling causes false positives; see false positive tuning.

Architecture: two surfaces, one product

Surface	What it proves	StillOnline check?
WordPress site	Plugin PHP loads, WP cron runs	Usually no (noisy on shared hosting)
SaaS API	License, sync, AI, webhooks work	Yes — canonical health URL
Status page	Customer-facing incident history	Hosted at `stillonline.tech/s/{id}`

Plugin users care whether API calls from their server succeed. A probe of https://api.yourplugin.com/health matches that reality — same idea as API-only SaaS monitoring.

Do not monitor wp-admin or admin-ajax

Common mistakes:

/wp-admin/ — login redirects, cookies, 403 for probes.
admin-ajax.php?action=... — shared-host rate limits, nonce expiry, unrelated plugin traffic.
Marketing homepage on shared host — 200 while PHP workers are saturated.

If you must expose WordPress liveness, add a tiny REST route — REST API handbook — and keep it separate from the cloud API check:

// Example only — prefer monitoring api.yourplugin.com instead
register_rest_route( 'yourplugin/v1', '/health', array(
    'methods'  => 'GET',
    'callback' => fn() => new WP_REST_Response( array( 'status' => 'ok' ), 200 ),
    'permission_callback' => '__return_true',
) );

StillOnline expects a stable HTTPS URL returning 200 in under about two seconds — health quickstart.

Shared hosting false positives

Budget hosts pause PHP, queue wp-cron, or return slow 200 under load. Symptoms:

Check flaps DOWN during traffic spikes on the blog, not the API.
curl from your laptop works; external probe times out intermittently.

Mitigations:

Monitor api.yourplugin.com/health only — authoritative for SaaS features.
Keep health handler lightweight — no DB fan-out on cold path (health design).
Accept two-fail debounce — StillOnline waits for 2 failed probes before DOWN (false positive guide).
Fix redirect/WAF issues with curl -L before blaming the monitor — probes and antibot.

Free uses a fixed 300 s interval; you cannot shorten it without Pro (60–300 s per check).

StillOnline setup for plugin vendors

Ship GET /health on the API deployment (Railway, Fly, VPS — not the WordPress box).
Verify from outside shared hosting:

curl -sS -o /dev/null -w "%{http_code} time:%{time_total}s\n" https://api.yourplugin.com/health

Create a StillOnline project → paste the API health URL → expect 200.
Share https://stillonline.tech/s/{id} in plugin docs, changelog, and support macros.
Enable Telegram owner alerts if you ship updates from your phone — Telegram guide.

Pro adds up to 10 URL checks — split API vs optional marketing site if you accept extra noise on the second check.

Communicate outages to plugin users

When the API check goes DOWN, publish an incident on the status page; link it from:

WordPress.org plugin forum sticky (if policy allows).
In-plugin admin notice (your PHP reads status JSON or a static banner).
Email to paid tier — customer email template.

Subscribers on the public page get email on each incident post via Google sign-in — subscribers vs owner.

Related guides

FAQ

Should StillOnline monitor my WordPress site or my SaaS API for a plugin product?

Monitor the SaaS API health URL — that is what license checks, sync, and paid features call. WordPress admin and admin-ajax.php are poor probe targets (API-only guide).

Why does StillOnline alert when wp-admin still loads?

You may be checking the wrong URL. Admin can return 200 while api.yourplugin.com is down. Point the check at the API /health endpoint (quickstart).

How fast does StillOnline alert on API downtime?

After two consecutive failed probes. On Free with a 5-minute interval, that is roughly 10 minutes from the first failure — false positive tuning.

Does StillOnline integrate as a WordPress plugin?

No. StillOnline is an external HTTP monitor and hosted status page. Add a health route on your API and register that HTTPS URL in the dashboard — same pattern as any API-first SaaS.