MageMonitor

Introduction

What is MageMonitor?

MageMonitor is a comprehensive store health monitoring extension for Magento 2. It continuously scans your server, database, cron system, cache layer, frontend, and security posture — then surfaces actionable findings directly in your Magento admin panel with exact instructions to fix each issue.

🔍

Automated Detection

10 specialized detectors run on schedule, checking over 100 conditions across server, database, cache, cron, frontend, security, search, performance, extensions, and Magento core.

📊

Real-Time Metrics

Live CPU, RAM, disk, Redis, database connections, slow queries, and Varnish hit rate — all auto-refreshing every 10 seconds without page reload.

🔔

Multi-Channel Alerts

Instant notifications via Email, Slack, and Webhook when critical issues are detected. Separate digest schedules per channel. Downtime alerts fire the moment your store goes unreachable.

⚡

One-Click Quick Fixes

Flush caches, reindex, clear generated code, optimize database tables, kill zombie crons, warm cache, and more — all from the dashboard with full audit logging.

🛡️

Security Monitoring

File integrity checks, admin brute force detection, login audit trail, WAF event monitoring, and SSL certificate expiry alerts.

📈

Traffic & Performance

Real request tracking via sampling, slow page identification, JS error collection from real visitors, CDN analytics, and uptime monitoring with history.

Prerequisites

Requirements

Component	Requirement	Notes
Magento	2.4.0 – 2.4.9	Community and Commerce editions
PHP	8.1, 8.2, or 8.3	CLI binary must be accessible to www-data
Database	MySQL 5.7+ / MariaDB 10.4+	InnoDB engine required
Magento Cron	Must be configured	Run as www-data user, not root
Redis	Optional	Required for session/cache monitoring
Varnish	Optional	Required for Varnish hit rate monitoring
AWS SDK	Optional	Required only for AWS Integration feature
Composer	2.x	For installation

⚠️

Cron Must Run as www-data

Magento cron must run as the www-data user (not root). Running as root creates permission issues with generated files and can prevent MageMonitor from reading certain system stats. Verify with: sudo crontab -u www-data -l

Setup

Installation

1

Upload the Module

Extract the MageMonitor zip file and upload the MageMonitor folder to your server at app/code/PointOfCode/MageMonitor/ using SFTP or SCP.

scp -r MageMonitor/ user@server:/var/www/magento/app/code/PointOfCode/

2

Enable the Module

SSH into your server and run these commands as the web user:

sudo -u www-data php bin/magento module:enable PointOfCode_MageMonitor
sudo -u www-data php bin/magento setup:upgrade
sudo -u www-data php bin/magento setup:di:compile
sudo -u www-data php bin/magento cache:flush

3

Verify Installation

Check the module is active:

sudo -u www-data php bin/magento module:status PointOfCode_MageMonitor
# Expected output: Module is enabled

4

Enter Your License Key

In the Magento Admin go to Stores → Configuration → PointOfCode → MageMonitor → License and enter your license key. Then go to PointOfCode → MageMonitor in the admin menu to access the dashboard.

5

Optional: Enable Varnish Stats Access

If you use Varnish, add www-data to the varnish group for full statistics access:

sudo usermod -a -G varnish www-data
sudo systemctl restart php8.1-fpm  # or php8.2-fpm

✅

Installation Complete

MageMonitor will begin collecting data immediately. The first full scan runs within 5 minutes via cron. The dashboard is accessible at Admin → PointOfCode → MageMonitor.

Activation

License Activation

MageMonitor uses domain-based license validation. Your license key is tied to the domain where it is installed and validated automatically on every scan.

1

Go to Configuration

Navigate to Stores → Configuration → PointOfCode → MageMonitor → License

2

Enter License Key

Paste your license key in the format POC-XXXX-XXXX-XXXX-XXXX. This key was emailed to you after purchase from store.pointofcode.com.

3

Save and Validate

Click Save Config. The domain is auto-detected from your Magento base URL. Validation runs automatically in the background every 30 minutes via cron.

ℹ️

Domain Detection

MageMonitor automatically reads your store's base URL for license validation. No manual domain entry is required. If you migrate domains, contact support to transfer your license.

Configuration

General Settings

Master controls for the entire MageMonitor module. Navigate to Stores → Configuration → PointOfCode → MageMonitor → General Settings.

Enable MageMonitor

Default: Yes

Master on/off switch for all MageMonitor monitoring and scanning. When set to No, all cron jobs, plugins, and data collection stop immediately. The dashboard remains accessible but shows no new data.

Performance Monitoring

Controls how MageMonitor tracks request performance and how frequently it scans your server and Magento health. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Performance Monitoring.

Sampling Rate (%)

Default: 10

Percentage of page requests that are tracked for performance analysis. At 10%, 1 in every 10 requests is measured for response time, route, and type. Tracked requests appear in the Slow Requests tab. Reduce to 5% on very high traffic stores (100k+ requests/day) to minimize overhead. Minimum: 1, Maximum: 100.

Slow Page Threshold (ms)

Default: 2000

Requests that take longer than this value (in milliseconds) are logged to the Slow Requests tab. Default is 2000ms (2 seconds). Lower this to 1000ms if you want to track moderately slow pages, or raise it on stores where complex pages naturally take longer.

Enable TTFB / FPC Check

Default: No

When enabled, manual scans (Run Full Scan button) send a self-HTTP request to measure homepage Time to First Byte (TTFB) and Full Page Cache status. Does NOT run during automatic cron scans to prevent performance impact. Adds 2–5 seconds to manual scan time. Enable only when troubleshooting FPC issues.

Server Scan Frequency

Default: Every 5 minutes

How often the server health cron runs. Checks PHP-FPM status, Redis health, OPcache, disk usage, and CPU load. Options: Every 1, 2, 5, 10, or 15 minutes.

Magento Scan Frequency

Default: Every 15 minutes

How often the Magento health cron runs. Checks cache status, indexer states, cron schedule, and Magento-specific configurations. Options: Every 5, 10, 15, or 30 minutes.

Store Intelligence

Deep background analysis that runs every 3 hours and surfaces proactive recommendations about your database, cron system, and performance configuration. All checks are strictly read-only. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Store Intelligence.

Enable Background Scan

Default: Yes

Master switch for the Store Intelligence background cron which runs every 3 hours. The category toggles below apply to both background scans and manual scans via the Run Full Scan button.

Enable Database Intelligence

Default: Yes

Checks database storage capacity, oversized grid tables, async grid indexing status, known bloat tables (queues and logs with no retention), and missing database indexes that are causing slow queries.

Enable Cron Intelligence

Default: Yes

Checks for critical cron jobs that have not run in 24 hours, cron backlog (pending jobs overdue by 30+ minutes), cron running as root (causes permission errors), schedule table bloat, and stuck cron jobs.

Enable Performance Intelligence

Default: Yes

Checks flat catalog configuration on large stores and Full Page Cache backend (recommends Varnish on large catalogs). OPcache, Redis memory, and InnoDB buffer pool are covered by Server Monitoring instead.

Database Thresholds

DB Total Storage (GB)

Default: 0 (auto-detect)

Total provisioned database volume size in GB. Used for the storage-full percentage calculation. Set this manually if using AWS RDS (e.g. 500 for a 500GB RDS instance) because MySQL cannot detect the RDS volume size. Leave 0 to auto-detect from the local filesystem (works on non-RDS installations).

DB Storage Critical (%)

Default: 90

Trigger a CRITICAL alert when database storage exceeds this percentage of total capacity. At 100% usage, MySQL becomes read-only and the store stops functioning. Keep this at 90% or lower.

DB Storage Warning (%)

Default: 80

Trigger a HIGH alert when database storage exceeds this percentage. Gives advance warning before reaching the critical threshold.

Cron Thresholds

Cron Backlog Maximum

Default: 100

Trigger a WARNING when more than this many cron jobs are pending and overdue by 30+ minutes. A large backlog indicates cron is not running or is severely behind. Increase on large stores where many jobs accumulate normally.

cron_schedule Max Rows

Default: 1,000,000

Warn when the cron_schedule table exceeds this many rows. An oversized cron_schedule table slows down cron dispatch. The daily cleanup cron automatically purges old success/missed/failed entries.

Performance Thresholds

Flat Catalog Product Threshold

Default: 50,000

Warn when flat catalog is enabled and product count exceeds this value. On large catalogs, flat catalog rebuild time often exceeds the benefit it provides. Recommendation: disable flat catalog on stores with more than 50,000 products.

Varnish-Required Product Threshold

Default: 10,000

Recommend Varnish as FPC backend when product count exceeds this value and the store is currently using built-in PHP cache. For stores with large catalogs, Varnish is essential for acceptable storefront performance.

Cache Health Monitoring

Read-only health checks for Varnish, Redis, Magento FPC, and OPcache. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Cache Health Monitoring.

Enable Cache Health Monitoring

Default: Yes

Master switch for the Cache Health detector. Each service (Varnish, Redis, FPC, OPcache) is probed only when present on the server — missing services are skipped silently without triggering alerts.

Varnish Hit Rate Critical Threshold (%)

Default: 20

Trigger a CRITICAL alert when the Varnish cache hit rate drops below this percentage. Important: stores with many logged-in customers typically achieve 35–45% hit rate, which is normal. Set this threshold lower (15–20%) for such stores to avoid false alerts.

Varnish Hit Rate Warning Threshold (%)

Default: 40

Trigger a WARNING when hit rate drops below this percentage. Use this to catch gradual degradation before it becomes critical. Adjust based on your store's typical hit rate pattern.

Database Cleanup Detection

Controls which tables appear in the "Database Cleanup Opportunities" section on the Database tab. MageMonitor never deletes data — it only provides copy-paste SQL suggestions. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Database Cleanup Detection.

Table Size Threshold (MB)

Default: 100

Flag any table larger than this value (data + indexes combined, in MB). Increase this threshold on large production stores (e.g. 500MB) to reduce noise and show only significantly large tables.

Table Row-Count Threshold

Default: 500,000

Flag any table with more rows than this threshold. Large stores with millions of orders, customers, or log entries should increase this to 2,000,000 or more to avoid constant notifications about expected table sizes.

Security Settings

Controls for file integrity monitoring sensitivity and brute force detection thresholds. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Security Settings.

File Integrity Chunk Size

Default: 200

Number of files to SHA-256 hash per cron run. The file integrity check runs every 4 hours, processing this many files per run in chunks to avoid server overload. Reduce on slower servers.

Brute Force Threshold

Default: 5

Number of failed admin login attempts within one hour that triggers a CRITICAL security alert. Default is 5 — set lower (3) for stricter security on stores with sensitive data.

Alert General Settings

Settings that apply to all alert channels (Email, Slack, and Webhook). Navigate to Stores → Configuration → PointOfCode → MageMonitor → Alert General Settings.

Alert Timezone

Default: UTC

Timezone used for timestamps in all alert channels. Set this to your local timezone so alert timestamps match your working hours. Example: Africa/Cairo for Egypt (UTC+2).

Store Name in Alerts

Default: empty (uses store name)

Override the store name shown in alert email subjects and Slack messages. Useful when managing multiple stores — set a short distinctive name like "Elaraby PROD" or "Store A". Leave empty to use the default Magento store name.

Email Alerts

Configure email notifications for health issues, score drops, and downtime events. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Email Alerts.

Enable Email Alerts

Default: No

Master switch for all email notifications. Must be enabled for any email alerts to send.

Alert Recipients

Required when enabled

Comma-separated list of email addresses to receive alerts. Example: admin@store.com,tech@store.com. All listed addresses receive every alert — there is no per-recipient severity filtering.

Email Sender

Default: General Contact

Magento email sender identity to use for alert emails. Uses your existing Magento email sender configuration. Options: General Contact, Sales Representative, Customer Support, etc.

Health Score Threshold

Default: 70

Send an alert when the store health score drops below this value (0–100). The health score is calculated from the number and severity of open detections. Score 100 = no issues, 0 = critical problems in every category.

Minimum Severity for Alert

Default: All (including Info)

Only send email alerts for detections at or above this severity level. Options: Critical only, High and above, Warning and above, All (including Info). Recommended: Warning and above for production stores.

Digest Frequency

Default: Every 24 Hours

How often to send a digest email listing all open issues, regardless of whether new detections have occurred. Options: Every 6 hours, Every 12 hours, Every 24 hours, Weekly, Disabled. Digest emails are separate from immediate new-detection alerts.

Send Email on Downtime / Recovery

Default: Yes

When enabled, an immediate email is sent the moment any monitored URL goes DOWN, and another email when it RECOVERS. These are separate from the regular health digest and fire within 3 minutes of detecting the outage (on the next uptime check cron run).

💡

Test Your Email Setup

After configuring email alerts, use the Quick Fixes → Test Alert button in the MageMonitor dashboard to send a test notification and confirm delivery.

Slack Notifications

Receive MageMonitor alerts directly in your Slack workspace. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Slack Notifications.

1

Create a Slack App

Go to api.slack.com/apps, click Create New App → From Scratch, give it a name like "MageMonitor", and select your workspace.

2

Enable Incoming Webhooks

In your app settings, go to Incoming Webhooks, toggle it on, then click Add New Webhook to Workspace. Select the channel to post alerts to.

3

Copy the Webhook URL

Copy the generated webhook URL (format: https://hooks.slack.com/services/T.../B.../...) and paste it into the Slack Webhook URL field in MageMonitor configuration.

Slack Webhook URL

Required when enabled

Full Incoming Webhook URL from your Slack App. Format: https://hooks.slack.com/services/TXXXXXXX/BXXXXXXX/XXXXXXXXX

Channel (optional)

Default: webhook default

Optional channel override. Example: #store-alerts. Leave empty to use the channel selected when creating the webhook.

Digest Frequency

Default: Every 24 Hours

How often to send a Slack health digest. This is independent from the email digest frequency — you can have daily emails but hourly Slack digests, for example.

Webhook Integration

Send MageMonitor health data to any HTTPS endpoint — useful for integrating with custom dashboards, PagerDuty, or other monitoring systems. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Webhook Integration.

Webhook URL

Required when enabled

HTTPS endpoint to receive POST requests. Must accept Content-Type: application/json. MageMonitor sends a JSON payload with all current detections and store health data.

Webhook Secret

Recommended: 32+ characters

A random secret string used to sign webhook payloads with HMAC-SHA256. The signature is sent in the X-MageMonitor-Signature HTTP header so your endpoint can verify the request authenticity. Use a random generator to create a strong secret.

Uptime Monitoring

MageMonitor checks your store's uptime every 3 minutes and sends immediate alerts on downtime and recovery. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Uptime Monitoring.

Enable Uptime Monitoring

Default: Yes

When enabled, the storefront homepage is checked every 3 minutes. Two consecutive failures are required before an alert is sent (to avoid false positives from transient errors).

Additional URLs to Monitor

Optional

One URL per line. The storefront homepage is always monitored automatically. Add other critical URLs such as your checkout page, API endpoints, or admin panel. Example:

https://www.store.com/checkout
https://api.store.com/health

Timeout (seconds)

Default: 10

Maximum seconds to wait for each URL check response. If the URL does not respond within this time, it is counted as a failure. Increase for slow APIs or geographically distant endpoints. Decrease for tighter SLA monitoring.

File Integrity Monitoring

SHA-256 hash monitoring of critical Magento files. Any unexpected change triggers a HIGH severity security alert. Navigate to Stores → Configuration → PointOfCode → MageMonitor → File Integrity Monitoring.

Enable File Integrity Checks

Default: Yes

When enabled, MageMonitor creates SHA-256 hashes of monitored files and compares them against the stored baseline on every scan. Changed hashes trigger a HIGH security alert listing the modified files.

Paths to Monitor

Default: app/etc/env.php, index.php, pub/index.php

One file path per line, relative to the Magento root directory. Default paths cover the most critical files that should never change unexpectedly. You can add custom files such as app/etc/config.php or .htaccess. After adding new paths, the baseline is rebuilt on the next scan.

Frontend Monitoring

JavaScript error collection from real visitor browsers. Captured errors appear in the JS Errors tab. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Frontend Monitoring.

Enable JS Error Collector

Default: Yes

When enabled, a small JavaScript snippet is injected on every storefront page that catches uncaught JavaScript errors, unhandled Promise rejections, and RequireJS module load failures. Errors are batched and sent to MageMonitor every 3 seconds. The snippet itself is tiny and has negligible performance impact.

JS Errors Per Session

Default: 20

Maximum JavaScript error events collected per visitor browser session. Prevents high-traffic stores from flooding the database when a noisy error fires thousands of times per session. Increase to 50 if you need more detailed JS debugging data for a specific issue.

AWS Integration

Connect MageMonitor to AWS CloudFront, WAF, and CloudWatch for CDN analytics, WAF event monitoring, and infrastructure metrics. Navigate to Stores → Configuration → PointOfCode → MageMonitor → AWS Integration.

⚠️

AWS SDK Required

The AWS SDK must be installed before enabling this integration. Run on your server: composer require aws/aws-sdk-php

AWS Access Key ID

Optional on EC2 with IAM role

IAM user Access Key ID with read-only permissions to CloudFront, WAF, and CloudWatch. Leave empty if your server runs on EC2 with an IAM Instance Role — credentials are detected automatically via instance metadata.

CloudFront Distribution ID

Optional

Your CloudFront Distribution ID found in the AWS Console under CloudFront → Distributions. Example: E1ABCDEF123456. Leave empty if not using CloudFront.

WAF Web ACL Name

Optional

The exact name (not ARN) of your AWS WAF Web ACL. Found in AWS Console under WAF & Shield. Leave empty if not using AWS WAF.

WAF Scope

Default: Regional

CLOUDFRONT for WAF attached to a CloudFront distribution. REGIONAL for WAF attached to an ALB or API Gateway.

Cloudflare Integration

Connect to Cloudflare for CDN analytics, cache statistics, and WAF event monitoring. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Cloudflare Integration.

Cloudflare API Token

Required when enabled

Create an API Token at dash.cloudflare.com with these permissions: Zone → Analytics:Read AND Zone → Firewall Services:Read. Do NOT use your Global API Key — use a scoped token for security.

Zone ID

Required when enabled

Found on your Cloudflare dashboard → select your domain → Overview page → right sidebar under "API". It is a 32-character hexadecimal string.

SSL Certificate Monitoring

Automatic SSL certificate expiry monitoring for all store domains. Navigate to Stores → Configuration → PointOfCode → MageMonitor → SSL Certificate Monitoring.

Enable SSL Monitoring

Default: Yes

When enabled, MageMonitor checks SSL certificates for all store domains every 6 hours. Certificate details (issuer, expiry date, days remaining) appear in the SSL Certs dashboard tab.

Additional Domains

Optional

One domain per line. Store domains from all active store views are checked automatically. Add any additional domains such as API subdomains or admin domains.

Warning Threshold (days)

Default: 30

Send a WARNING alert when any SSL certificate expires within this many days. A CRITICAL alert fires automatically at 7 days or fewer regardless of this setting — giving you 7 days of emergency warning even if you reduce the warning threshold.

Advanced Settings

Low-level controls for scanning behavior, HTTP monitoring, and data retention. Navigate to Stores → Configuration → PointOfCode → MageMonitor → Advanced Settings.

Automatic Cron Scanning

Default: Yes

When enabled, all MageMonitor detectors run automatically on their scheduled cron intervals. When disabled, detectors only run when you manually click Run Full Scan in the dashboard. Disable only in development environments or for troubleshooting.

Enable HTTP Client Monitor

Default: No

Disabled by default — this adds overhead to every outbound HTTP/HTTPS request made by Magento's Curl client. When enabled, slow calls (over 5 seconds) and errors are logged. Use only temporarily when troubleshooting third-party API integration issues. Disable immediately after debugging.

Data Retention (days)

Default: 30

Resolved detections older than this many days are automatically deleted by the daily cleanup cron. Open and acknowledged detections are not deleted. Minimum recommended: 14 days. Increase to 90 days if you need longer trend history.

Dashboard

Overview Tab

The landing page of the MageMonitor dashboard. Shows a health score, category status summary, and all Critical & High issues that need immediate attention.

Health Score

The circular score (0–100) reflects the overall health of your store:

Score Range	Color	Meaning
90–100	🟢 Green	Excellent — no significant issues
70–89	🟡 Yellow	Good — minor warnings present
50–69	🟠 Orange	Fair — high-severity issues need attention
0–49	🔴 Red	Poor — critical issues require immediate action

Category Cards

Each category card shows the detection count and color-coded status dot. Clicking a card navigates directly to that detection tab. Categories include: Server Health, Magento System, Database, Frontend/JS, Extensions, Performance, Security, Search, Cron Health, and Cache Health.

Critical & High Issues

All detections with severity Critical or High are listed here with their problem description, how-to-fix instructions, and action buttons. Use Mark as Solved to acknowledge an issue and remove it from the list.

Live Metrics Tab

Real-time server and database metrics that auto-refresh every 10 seconds. No page reload required.

🖥️

CPU Load

Current CPU usage percentage and load averages (1m, 5m, 15m). Shows total core count for context.

💾

RAM Usage

Used vs total RAM with percentage. Shows actual available memory accounting for buffers and cache.

💿

Disk (Root)

Disk usage percentage for the root filesystem with GB used and free.

🐘

PHP Memory

Current PHP request memory usage, configured limit, and peak usage.

🗄️

Database

Active query count, ping response time, and slow query indicator.

📦

DB Size

Total database size used in GB with progress bar (green/orange/red).

🔌

DB Connections

Active connections vs max allowed with percentage bar. Red alert if approaching limit.

🐢

Slow Queries

Count of queries currently running longer than 5 seconds. Expands to show query details.

System Details Table

Below the metric cards, a full system details table shows: PHP Version, SAPI, Memory Limit, Max Execution Time, OPcache status, CPU Cores, Disk paths, MySQL Version, InnoDB Buffer Pool, Max Connections, and Slow Query Log status.

Live Slow Queries

When any query is running longer than 5 seconds, an expandable panel appears showing: Query ID, User, Running time, State, and a snippet of the SQL. Rows turn red if running longer than 30 seconds.

Uptime Tab

Historical uptime data for all monitored URLs with availability percentages and response time trends.

The uptime check runs every 3 minutes. Two consecutive failures are required before marking a URL as DOWN (prevents false alerts from transient network issues). An immediate email is sent on status change (DOWN and RECOVERY) when Email Alerts are enabled with downtime notifications turned on.

Data Point	Description
Uptime %	Percentage of checks that returned HTTP 200 in the last 7 days
Avg Response	Average response time in milliseconds across all checks
Last Check	Result and timestamp of the most recent uptime check
Status	Current UP or DOWN status with time since last change

Detection Tabs

Each detection category has its own tab in the sidebar. All tabs follow the same format: detection cards at the top showing active issues, followed by analytical data sections.

Tab	What It Monitors	Scan Frequency
Server	PHP-FPM, OPcache, disk, RAM, cron jobs, file integrity, admin logins, health check endpoint	Every 5 min (configurable)
Magento	Cache status, indexers, Magento config issues, order email sending, version checks	Every 15 min (configurable)
Database	Live slow queries, missing indexes, table fragmentation, storage usage, largest tables, cleanup opportunities	Every 30 min
Frontend	JS error rate, checkout JS errors, recurring error patterns, JS error spikes	Every 15 min
Extensions	Module conflicts, disabled modules, known compatibility issues	Every 15 min
Performance	Flat catalog configuration, FPC backend, Redis memory, InnoDB buffer pool, OPcache sizing	Every 20 min
Search	Elasticsearch/OpenSearch health, search index status, search query table bloat	Every 6 hours
Security	File integrity changes, brute force attempts, admin login audit, WAF events	Every 4 hours (file check)
Cron Health	Critical job status, backlog, stuck jobs, schedule bloat, root ownership	Every 3 hours (intelligence)
Cache Health	Varnish hit rate, Redis memory/eviction, FPC backend, OPcache hit rate	Every scan

Detection Severity Levels

CRITICAL

Site down or revenue loss happening right now

Examples: Varnish not running, checkout JS errors, database refusing connections, health check failing, SSL certificate expired.

HIGH

Will cause real problems within hours if not addressed

Examples: SSL expiring in 7 days, Redis evicting keys, DB connections near limit, Varnish backend failures, cron backlog exceeding threshold.

WARNING

Should be fixed but not immediately urgent

Examples: Varnish hit rate below threshold, missing database indexes, table fragmentation, slow query log disabled, JS error spike.

INFO

Good to know for planning purposes

Examples: PHP EOL version, MySQL slow log disabled, Magento version available for upgrade, OPcache files threshold low.

Slow Requests Tab

Shows the slowest routes across your store based on sampled request tracking. Requests exceeding the configured threshold (default 2000ms) are recorded with route, method, average time, max time, hit count, and last seen.

The table is split into two sections:

Active (last 24h) — Routes still generating slow requests recently, sorted by average response time
Historical — Routes that were slow in the past but have not been seen recently, shown with dimmed styling

Route types are color-coded: PAGE (storefront pages), REST (REST API calls), GRAPHQL (GraphQL queries), ADMIN (admin panel pages).

JS Errors Tab

Real JavaScript errors collected from real visitors' browsers. The collector catches window.onerror, unhandledrejection, and require.onError events, batches them client-side, and sends them to MageMonitor every 3 seconds.

Stat Cards

Total Hits — Sum of all error occurrences (click to show all errors)
Unique Errors — Number of distinct error fingerprints (click to show all errors)
On Checkout — Errors occurring on checkout pages (click to filter to checkout only)
Last Hour — Errors seen in the last 60 minutes (click to filter to recent)

Filtering

Search box — Filter by error message, source file, or page URL in real time
Page filter dropdown — Filter to a specific page or all pages
Card click — Click any stat card to filter the table

Error Table

Errors are grouped by message + source file combination. Each row shows: error message, source filename, pages affected (with page count badge if multiple pages), total count, and last seen timestamp. The page column color-codes checkout (red), customer account (orange), and homepage (blue) for quick identification.

💡

Checkout Errors = Revenue Loss

JavaScript errors on checkout pages directly prevent customers from completing purchases. Any non-zero count in the ON CHECKOUT card should be investigated immediately.

CDN Tab

CDN analytics from AWS CloudFront or Cloudflare. Shows cache hit rate, bandwidth, request volume, top cached URLs, and error rates. Requires AWS or Cloudflare integration to be configured.

WAF Tab

Web Application Firewall events from AWS WAF or Cloudflare. Shows blocked requests, triggered rules, and top blocked IPs. Requires AWS or Cloudflare integration to be configured.

SSL Certs Tab

SSL certificate status for all monitored domains. Shows certificate issuer, expiry date, and days remaining with color-coded urgency indicators.

Days Remaining	Status	Alert Sent
30+ days	🟢 Valid	No alert
7–29 days	🟡 Warning	WARNING alert
1–6 days	🔴 Critical	CRITICAL alert
0 or expired	🔴 Expired	CRITICAL alert

Infrastructure Tab

Detailed server infrastructure information including PHP configuration, Apache/Nginx settings, Redis configuration, deployment mode, and MageMonitor's own database storage usage.

Live Traffic Tab

Real-time traffic feed showing the last 2 hours of sampled requests with route, response time, status code, and request type. Data refreshes automatically. Traffic is sampled at the configured sampling rate (default 10%).

Tools

Quick Fixes

One-click maintenance actions that run instantly from the dashboard. Every action is logged to the Audit Log with the admin username, timestamp, and result.

Cache & Files

Flush All Caches

Clears all Magento cache types (config, block_html, full_page, etc.)

Enable All Caches

Re-enables any disabled Magento cache types

Clear Generated Code

Removes DI-generated interceptors and factories from var/generated/

Clear Static Files

Removes preprocessed CSS, JS, and frontend files from pub/static/

Warm Cache

Crawls homepage of all active store views to pre-warm Varnish/FPC after a deployment

Indexing

Reindex Invalid

Reindexes only invalid indexers (fastest, for routine use)

Reindex All

Full reindex of every indexer — runs in background. Use "Check Reindex Status" to monitor progress

Check Reindex Status

Shows progress of any background reindex with live log output

Database

Optimize Tables

Runs OPTIMIZE TABLE on fragmented tables (>30% wasted space, >100MB recoverable). Runs in the background with a 3-minute timeout

Clean Expired Quotes

Deletes abandoned shopping carts older than 1 year (inactive quotes only)

Clean Cron Schedule

Purges old success/missed/failed cron history older than 7 days to prevent schedule table bloat

Server & Maintenance

Kill Zombie Crons

Marks cron jobs stuck in "running" state for more than 3 hours as "missed" to unblock the cron queue

Truncate Large Logs

Clears log files larger than 10MB in var/log/

Fix Varnish Permissions

Adds www-data to the varnish group for full statistics access. Only shown when Varnish is running and permissions need fixing

Enable Maintenance Mode

Puts store in maintenance mode. Your current IP is automatically whitelisted so you retain admin access

Disable Maintenance Mode

Takes store out of maintenance mode, making it live for customers again

Test Alert

Triggers the AlertProcessor to send a test notification to all configured channels (Email, Slack, Webhook)

Clear Detections

Clears detection history only. Keeps traffic, uptime, and JS error data. Requires confirmation showing exact record count

Reset MageMonitor

Clears ALL MageMonitor data. Shows exact record counts per table before confirmation. Requires typing "RESET" to confirm. License key and configuration are preserved

🔴

Reset MageMonitor — Use with Caution

The Reset MageMonitor action permanently deletes all monitoring history including detections, JS errors, uptime logs, traffic data, and audit logs. This cannot be undone. A detailed modal shows exact record counts before you confirm. Requires typing RESET to proceed.

Server Advisor

An automated analysis tool that evaluates your server configuration against Magento best practices and provides specific recommendations with exact configuration values calculated for your server's resources (RAM, CPU cores, traffic volume).

The Server Advisor analyzes PHP-FPM pool settings, OPcache configuration, Redis memory allocation, MySQL buffer pool size, and Apache/Nginx worker configuration — then generates recommendations tailored to your specific server specs.

Audit Log

Complete audit trail of all Quick Fix actions performed through the MageMonitor dashboard. Every action is recorded with the admin username, timestamp, action type, and result message.

The audit log cannot be edited or deleted through the UI — it provides a tamper-evident record of all maintenance actions for compliance and troubleshooting purposes.

Health Report

Generate a complete store health report as a self-contained HTML page that can be saved as PDF directly from your browser.

Click the Report button in the MageMonitor header to open the report in a new browser tab. The report includes:

Executive summary with issue counts by severity
All Critical & High issues with how-to-fix instructions
All Warnings and Info detections
Server health metrics snapshot
Database health and largest tables
Cache health (Varnish, Redis, FPC, OPcache)
Cron job status summary
Uptime summary for last 7 days
Top JS errors
SSL certificate status
Performance overview
Security summary
Actionable recommendations

To save as PDF: click Download PDF inside the report page, which opens the browser print dialog. Select "Save as PDF" as the destination.

Reference

All Detectors

MageMonitor includes 10 specialized detectors. Each detector runs independently with its own try/catch error handling — a failure in one detector never affects others.

Server Detector

Runs every 5 minutes (configurable). Checks PHP-FPM worker status, OPcache hit rate and memory, disk usage across all mount points, MySQL buffer pool sizing, Redis connection health, cron process ownership (root vs www-data), health check endpoint availability, and admin login brute force attempts.

Magento Detector

Runs every 15 minutes (configurable). Checks Magento cache status (which types are enabled/disabled), indexer states (valid/invalid/working), async grid indexing configuration, order confirmation email sending status, and Magento configuration issues.

Database Detector

Runs every 30 minutes. Checks database storage utilization, live slow queries from PROCESSLIST, missing indexes on high-impact tables (url_rewrite, sales_order_address), table fragmentation (>30% waste AND >200MB recoverable), async grid indexing, and orders grid size.

Frontend Detector

Runs every 15 minutes. Analyzes the JS error log for checkout errors, error spikes (unusual increase in error volume), and recurring high-frequency errors that degrade user experience.

Extensions Detector

Runs every 15 minutes. Checks for disabled modules that other modules depend on, known conflicting extension combinations, and modules with known performance issues.

Performance Detector

Runs every 20 minutes. Checks flat catalog configuration vs product count, Full Page Cache backend (recommends Varnish at scale), Redis maxmemory configuration, InnoDB buffer pool vs available RAM, and OPcache sizing.

Search Detector

Runs every 6 hours. Checks Elasticsearch/OpenSearch cluster health (yellow/red status), shard assignment, and search query table growth with intelligent junk ratio analysis (flags only when >40% of rows are one-time queries older than 90 days).

Security Detector

Runs every 4 hours (file check). Monitors file integrity changes against stored SHA-256 baseline, admin brute force attempts, and WAF events from AWS or Cloudflare integration.

Cron Health Detector

Runs every 3 hours (Store Intelligence). Checks critical cron jobs (sales_send_order_emails, indexer_reindex_all_invalid, sitemap_generate, catalog_product_alert), cron backlog count, stuck running jobs, cron_schedule table size, and whether cron is running as root.

Cache Detector

Runs on every scan. Checks Varnish running status and hit rate (via varnishstat with layered fallback), Redis running status, memory usage, eviction policy, evicted keys count, and per-database key counts. Also checks Magento FPC backend configuration and OPcache hit rate and file count.

Background Jobs

MageMonitor registers 19 cron jobs that run automatically via Magento's cron system. All jobs are prefixed with poc_magemonitor_ and belong to the default cron group.

Job	Schedule	What It Does
ServerHealth	Configurable (default: */5)	PHP-FPM, OPcache, disk, Redis health scan
MagentoHealth	Configurable (default: */15)	Cache, indexers, Magento config scan
DatabaseHealth	/30 * * *	DB storage, indexes, slow queries, fragmentation
PerformanceCheck	/20 * * *	FPC, flat catalog, Redis config checks
FrontendHealth	/15 * * *	JS error analysis, checkout error detection
UptimeCheck	/3 * * *	HTTP health check of all monitored URLs
AlertProcessor	/5 * * *	Sends email/Slack/webhook alerts for new detections
FlushTrafficQueue	* * * * *	Writes queued traffic data from Redis/files to DB
TrafficSnapshot	/2 * * *	Captures traffic metrics snapshot
CleanTrafficData	/5 * * *	Removes traffic data older than 2 hours
LogParser	/10 * * *	Parses Magento log files for error patterns
CdnStats	/10 * * *	Fetches CDN analytics from AWS/Cloudflare
SslCheck	0 /6 * *	Checks SSL certificate validity and expiry
SearchCheck	0 /6 * *	Elasticsearch/OpenSearch health check
HealthScoreSnapshot	0 * * * *	Calculates and saves hourly health score
FileIntegrity	0 /4 * *	SHA-256 hash comparison for monitored files
LicenseCheck	/30 * * *	Validates license key against registered domain
StoreIntelligenceScan	0 /3 * *	Deep database/cron/performance intelligence scan
Cleanup	0 2 * * *	Daily cleanup of old data per retention policy

⚠️

Cron Must Be Running

All MageMonitor features depend on Magento cron running as www-data. Verify your cron is configured: sudo crontab -u www-data -l. If cron is not installed, run: sudo -u www-data php bin/magento cron:install

Notifications

MageMonitor supports three notification channels, each configurable independently with their own digest schedule.

How Alerts Work

The AlertProcessor cron runs every 5 minutes and checks for:

New detections — Issues detected since the last alert cycle that meet the minimum severity threshold
Health score drops — When the score falls below the configured threshold
Digest schedule — Full summary of all open issues on the configured interval
Downtime/Recovery — Immediate alerts when any monitored URL changes state

Alert Deduplication

The same detection code does not trigger repeated alerts. An alert is sent when a detection is first created, and again only if the detection was resolved and reoccurs. Persistent issues are included in digest emails rather than sending individual alerts on every scan cycle.

Webhook Payload Format

{
  "event": "detection_alert",
  "store": "My Store",
  "health_score": 72,
  "timestamp": "2026-06-13T10:00:00+02:00",
  "detections": [
    {
      "code": "VARNISH_HIT_RATE_CRITICAL",
      "severity": "critical",
      "category": "cache",
      "title": "Varnish Hit Rate Critical (18%)",
      "problem": "Varnish cache hit rate is 18%...",
      "how_to_fix": "Check VCL cookie stripping..."
    }
  ]
}

Webhook payloads are signed with HMAC-SHA256 using your configured secret. Verify the signature on your endpoint by comparing the X-MageMonitor-Signature header against HMAC-SHA256(secret, payload_body).

FAQ

Frequently Asked Questions

Does MageMonitor impact store performance?

MageMonitor is designed for minimal overhead. The traffic sampling plugin runs on a configurable percentage of requests (default 10%) with a cache-backed enablement check on every request. All heavy analysis runs via background cron, not during customer page loads. The JS collector snippet is under 2KB and uses a 3-second batch delay before sending.

Does MageMonitor modify any store data?

No. All detectors are strictly read-only — they only run SELECT queries against your database. The only writes MageMonitor performs are to its own tables (prefixed poc_magemonitor_). Quick Fix actions that modify data (cache flush, reindex) run standard Magento CLI commands and are explicitly triggered by admin users.

The health score is 0 but my store is working fine. Why?

This can happen immediately after installation before the first cron scan completes. Wait 5–10 minutes for the initial scans to run. If the score remains 0, check that Magento cron is running: sudo crontab -u www-data -l.

I see a false positive detection. How do I stop it?

Use Mark as Solved on any detection card to acknowledge it. For persistent false positives (e.g. Varnish hit rate warning on a store with many logged-in customers), adjust the relevant threshold in Configuration — for example, lower the Varnish Hit Rate Warning Threshold from 40% to 25%.

Can I install MageMonitor on multiple stores with one license?

Each license key is tied to one domain. For multiple stores (different domains), purchase a separate license for each. Multi-domain licenses are available — contact support at store.pointofcode.com.

Varnish stats show 0% hit rate but Varnish is running.

The www-data user does not have permission to read Varnish shared memory. Fix using the Quick Fix button: Quick Fixes → Fix Varnish Permissions. Or run manually: sudo usermod -a -G varnish www-data && sudo systemctl restart php-fpm

The "On Checkout" filter shows no errors but the count is non-zero.

Checkout errors are matched against URLs containing "checkout", "onepage", or "payment". If your store uses a custom checkout URL, the filter may not match. Search for the checkout URL pattern manually using the search box in the JS Errors tab.

How do I uninstall MageMonitor?

Run the following commands:

sudo -u www-data php bin/magento module:disable PointOfCode_MageMonitor
sudo -u www-data php bin/magento setup:upgrade
sudo -u www-data php bin/magento cache:flush
# Optionally remove the module files:
rm -rf app/code/PointOfCode/MageMonitor/

MageMonitor also includes an Uninstall script that removes all its database tables automatically when uninstalled via module:uninstall.

MageMonitorStore Health Dashboard

What is MageMonitor?

Requirements

Installation

Upload the Module

Enable the Module

Verify Installation

Enter Your License Key

Optional: Enable Varnish Stats Access

License Activation

Go to Configuration

Enter License Key

Save and Validate

General Settings

Performance Monitoring

Store Intelligence

Database Thresholds

Cron Thresholds

Performance Thresholds

Cache Health Monitoring

Database Cleanup Detection

Security Settings

Alert General Settings

Email Alerts

Slack Notifications

Create a Slack App

Enable Incoming Webhooks

Copy the Webhook URL

Webhook Integration

Uptime Monitoring

File Integrity Monitoring

Frontend Monitoring

AWS Integration

Cloudflare Integration

SSL Certificate Monitoring

Advanced Settings

Overview Tab

Health Score

Category Cards

Critical & High Issues

Live Metrics Tab

System Details Table

Live Slow Queries

Uptime Tab

Detection Tabs

Detection Severity Levels

Slow Requests Tab

JS Errors Tab

Stat Cards

Filtering

Error Table

CDN Tab

WAF Tab

SSL Certs Tab

Infrastructure Tab

Live Traffic Tab

Quick Fixes

Cache & Files

Indexing

Database

Server & Maintenance

MageMonitor

Server Advisor

Audit Log

Health Report

All Detectors

Server Detector

Magento Detector

Database Detector

Frontend Detector

Extensions Detector

Performance Detector

Search Detector

Security Detector

Cron Health Detector

Cache Detector

Background Jobs

Notifications

How Alerts Work

Alert Deduplication

MageMonitor
Store Health Dashboard