Changelog

Major release focused on security hardening, bug fixes from a comprehensive codebase audit, and SEO infrastructure.

• SecurityPatched SSRF vulnerability in Teams and Prometheus webhook notifications
• SecurityFixed cross-organization data access (IDOR) in notification channel linking
• SecurityAdded visual monitor count limit enforcement on monitor updates (billing bypass fix)
• NewMonitor status now shows specific error reasons — Connection Refused, DNS Failed, Timed Out, Blocked (403), Cloudflare Error (520-524)
• NewContextual "Unblock Guide" link appears when Cloudflare blocks monitoring
• NewCloudflare monitoring troubleshooting guide with IP whitelisting instructions
• NewServer offline detection — alerts when servers stop reporting for 5+ minutes
• NewAnomaly notifications now sent for medium+ severity AI-detected anomalies
• NewSEO content engine — topic clusters, internal link auto-injection, cluster-aware breadcrumbs
• NewChangelog page for tracking product updates
• FixFixed monitor refresh showing "Down (200)" for operational sites
• FixFixed MAJOR_OUTAGE and PARTIAL_OUTAGE displaying as "Operational" in UI
• FixFixed status mapping bugs across 7 files — missing states silently fell to wrong display
• FixFixed settings form fields (Method, Expected Status, Follow Redirects) not rendering on first open
• FixFixed 5-second middleware timeouts from session DB query on every request — added 5-minute cache
• FixFixed incident detail page unreadable in light mode (hardcoded dark-mode colors)
• FixAdded error boundary for dashboard — component crashes no longer remove navigation
• ImprovedReplaced all 20 native browser confirm() dialogs with styled React modals
• ImprovedReplaced all native alert() calls with auto-dismissing toast notifications
• ImprovedAdmin users table: dedicated Plan column + inline action buttons
• ImprovedPage timeouts and connection errors logged as warnings instead of errors (reduces Discord noise)
• ImprovedRemoved 11 dead code files (3,994 lines) — cleaner codebase
• ImprovedDNS and performance tables now scroll horizontally on mobile instead of crushing

• NewAI-powered monitoring keyword positioning across homepage and meta tags
• NewGitHub OAuth authentication for login and signup
• NewCollapsible sidebar with localStorage persistence
• NewBlog featured images generated with AI (Replicate SDXL)
• FixDNS SOA records excluded from change detection (too noisy)
• FixDNS alert wording improved — Added/Removed/Updated instead of New/Old
• ImprovedOnboarding URL field: hardcoded https:// prefix, auto-strips protocol on paste
• ImprovedOAuth buttons side-by-side in grid layout
• ImprovedHero section spacing improved with natural breathing room

• NewPlan rename: Professional → Business, Enterprise → Agency
• NewServer alert system with CPU/memory/disk threshold monitoring
• NewPer-server alert configuration with notification channel overrides
• NewWhatsApp templates for server alerts (CPU, memory, disk, offline, recovery)
• NewFree plan: check interval 1hr → 5min, Starter: 10 → 15 monitors
• ImprovedServer alert evaluator with consecutive breach counting and cooldown logic

• NewContent change detection with CSS selector-based monitoring
• NewContent freshness monitoring with configurable staleness thresholds
• NewKeyword checking in visual screenshots
• NewBlog pipeline for AI-generated SEO content
• ImprovedVisual monitoring sub-pages for monitoring multiple URLs under one monitor

Migrated from CPX21 to dedicated EX44 server with full CI/CD pipeline.

• NewHetzner EX44 dedicated server (14C/20T, 64GB RAM)
• NewGitea CI/CD pipeline for beta and production deployments
• NewContainer watchdog with Discord alerts on unexpected restarts
• NewHetzner Robot firewall management (no UFW)
• SecurityCaddy reverse proxy with automatic TLS via Let's Encrypt
• ImprovedDocker resource limits: 12GB app, 32GB worker with 4GB shm