Coming soon: Oh Dear! – Monitoring for the encrypted web

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Profile image of Mattias Geniar

Mattias Geniar, September 10, 2017

Follow me on Twitter as @mattiasgeniar

I’m excited to announce a new project I’m working on: Oh Dear!

The goal of Oh Dear! is to provide modern monitoring & feedback for sites that run on HTTPS. With Chrome’s soon-to-be-released version that marks any input on non-HTTPS pages as “Not Secure”, that target audience is huge.

The baseline below I think sums it up very accurately.

Many users only look at their certificate expiration dates when running HTTPS sites and – hopefully – renew in time. But that’s only a small part of the journey to HTTPS. I’ve ranted about messing up HTTPS often enough that I don’t want to repeat myself anymore.

What does Oh Dear! offer?

From my old rant, the summary from way-back-then still stands today:

Browsers don’t care if your HTTPS config is 95% perfect. They’ll destroy the visitor’s experience if you don’t nail it for the full 100%.

There’s many things that can go wrong with deploying HTTPS, including;

  • Expired certificates
  • Revoked certificates
  • Missing intermediate certificates in your chain
  • Mixed content on your site
  • Bad or insecure TLS ciphers used in the config
  • Incorrectly configured OCSP stapling
  • Badly pinned keys with HPKP

Oh Dear! monitors for each and every one of those things, and more.

Included in Oh Dear! is Certificate Transparency reporting, so you can get notified whenever a new certificate is issued for one of your domains, intentional or otherwise.

Meet the team

Unlike my usual projects, this time I’m working together with smart folks to help make Oh Dear! a success.

The team consists of Dries Vints, Freek Van der Herten & me. We’re all active in the Laravel community. Dries & Freek go way back, I only got to know these smart men a little over a year ago.

Join the beta

We’re not open to the public yet, but there’s a beta program you can subscribe to in order to get access to Oh Dear!.

If you run a website on HTTPS – and chances are, you do – don’t let a bad certificate or configuration ruin your day. Trust us to monitor it for you and report any errors, before your visitors do.

Go check out our app at ohdearapp.com or follow us on Twitter via @OhDearApp.

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.