AVAR Server Monitor

AVAR Server Monitor keeps an eye on the technical health of your WordPress site — from a single, clean dashboard. Every feature is free, translation-ready, and there are no upsells.

Overview & WordPress info

• At-a-glance dashboard: environment, versions, resources, health and pending updates.
• Plugin/theme/user/content counts with plugin-update health.

Versions & display

• Show WordPress, PHP, web server and MySQL versions in the admin bar, footer or a dashboard widget.

System resources

• Live CPU load, memory and database size via the WordPress Heartbeat API, with hourly history and per-directory storage sizes.

Uptime monitoring (multi-domain)

• Periodic availability and response-time checks at a chosen interval (1/5/10/30/60 min).
• Auto-detects every domain pointing at the site and monitors each one separately, with optional downtime emails.

Environment & location

• Detects Production / Staging / Development / Local (WP_ENVIRONMENT_TYPE, Bedrock, WP Engine, Kinsta, Pantheon) with a colour-coded admin-bar badge.
• Privacy-first server-location detection; optional providers (Cloudflare, ip-api.com, MaxMind) only when you choose them.

Health Advisor

• PHP and MySQL/MariaDB end-of-life tracking, recommended PHP extensions, OPcache/object-cache and connectivity checks — integrated into Site Health.

Security

• Force HTTPS, optional HSTS, SSL-certificate expiry and a configuration audit with one-click fixes (and revert).
• Optional hardening: disable XML-RPC, restrict the REST API, hide login errors, limit login attempts.
• On-demand core file integrity scan against the official WordPress.org checksums.

Maintenance & history

• Version history, an activity log (plugin/theme/update/role/login events) with filtering, a cron monitor, and a 404 monitor.
• Maintenance / coming-soon mode with an optional auto-launch countdown.

Tools (some opt-in)

• System export (JSON) and CSV history exports.
• Database cleanup and table optimization, plus an autoloaded-options watchdog.
• Debugging panel (toggle WP_DEBUG and friends, view the error log, profile slow queries), phpinfo report and built-in backups — these higher-risk tools are disabled by default and enabled under Tools → Advanced Tools.

Access control & alerts

• Restrict monitor output to chosen roles.
• Email alerts on version changes, resource thresholds, and a periodic summary digest.

External services

This plugin can optionally connect to external services. Geolocation services are contacted only when you choose a non-default Server Location provider:

• Cloudflare Trace (https://www.cloudflare.com/cdn-cgi/trace) — requests your server’s outbound IP and country code. Used only when the “Cloudflare trace” provider is selected. Cloudflare privacy policy: https://www.cloudflare.com/privacypolicy/
• ip-api.com (http://ip-api.com/json/) — geolocates your server’s outbound IP. Used only when the “ip-api.com” provider is selected. Terms: https://ip-api.com/docs/legal
• MaxMind GeoLite2 (https://geolite.info) — geolocates your server’s outbound IP using your MaxMind account ID and license key. Used only when the “MaxMind” provider is selected. Privacy policy: https://www.maxmind.com/en/privacy-policy

The plugin also uses the official WordPress.org API (https://api.wordpress.org):

• Core checksums (https://api.wordpress.org/core/checksums/) — used only when you run the on-demand “Scan Core Files” integrity check, to compare your core files against the official hashes.
• Connectivity test — the Health Advisor performs an outbound request to https://api.wordpress.org to verify your server can reach it. WordPress.org privacy policy: https://wordpress.org/about/privacy/

The Uptime feature sends HTTP requests to the domains you choose to monitor (your own site/domains) to measure availability and response time. No data leaves your own infrastructure for this check.

No data is sent to any third-party service unless you enable the corresponding feature.