Skip to main content

Overview

HTTP/HTTPS monitoring is the most common monitor type, used to check the availability and performance of websites, APIs, and web services. UptimeIO makes HTTP requests to your endpoint and validates the response.
UptimeIO automatically detects whether to use HTTP or HTTPS based on your URL. Both protocols are supported under the “HTTP” monitor type.

Use Cases

Website Monitoring

Ensure your website is accessible and loading correctly

API Health Checks

Monitor REST API endpoints for availability

E-commerce Sites

Track checkout pages and payment gateways

Authentication Endpoints

Monitor login and authentication services

Creating an HTTP Monitor

1

Basic Configuration

Name: Production API
URL: https://api.example.com/health
Type: HTTP/HTTPS
Check Interval: 60 seconds
Timeout: 30 seconds
2

Select Monitoring Regions

Choose regions to monitor from:
  • Auto: Intelligent selection (2 regions)
  • Manual: Select specific regions
For global services, select regions where your users are located.
3

Configure HTTP Settings

Customize the HTTP request:
  • HTTP method
  • Expected status codes
  • Request headers
  • Request body
  • Authentication
  • Redirect behavior

HTTP Methods

UptimeIO supports all standard HTTP methods:
MethodUse CaseBody Allowed
GETRetrieve data, health checksNo
HEADCheck headers without body (faster)No
POSTSubmit data, trigger actionsYes
PUTUpdate resourcesYes
PATCHPartial updatesYes
DELETERemove resourcesNo
OPTIONSCheck supported methodsNo
Use HEAD for faster checks when you only need to verify the endpoint is responding. It’s identical to GET but doesn’t download the response body.

Expected Status Codes

Configure which HTTP status codes indicate success. By default, UptimeIO expects 2xx and 3xx status codes.

Common Configurations

Expected Status Codes: 200-299, 300-399
Accepts any successful response or redirect. Best for most websites and APIs.

Request Headers

Add custom headers to your HTTP requests for authentication, content negotiation, or custom requirements.

Common Headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
X-API-Key: your-api-key-here
Never include sensitive credentials in monitor configurations. Use environment-specific API keys or tokens that can be rotated if compromised.

Request Body

For POST, PUT, and PATCH requests, you can include a request body.

JSON Body Example

{
  "action": "health_check",
  "timestamp": "2024-01-15T10:30:00Z",
  "source": "uptimeio"
}
When you provide a request body, UptimeIO automatically sets Content-Type: application/json unless you override it in the headers.

Authentication

UptimeIO supports two authentication methods for HTTP monitors: 
Type: Basic
Username: your-username
Password: your-password
Sends credentials in the Authorization header using Base64 encoding:
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

Redirect Handling

Control how UptimeIO handles HTTP redirects:
SettingBehaviorUse Case
Follow Redirects: ONFollows up to 5 redirectsNormal websites, APIs with redirects
Follow Redirects: OFFTreats redirects as failuresEnsure no unexpected redirects
Max Redirects: 1-10Custom redirect limitFine-tune redirect behavior
Enable redirect following for most websites. Disable it if you want to detect when your site starts redirecting unexpectedly (e.g., to a maintenance page).

SSL/TLS Verification

UptimeIO automatically verifies SSL certificates for HTTPS endpoints:
  • Checks certificate validity
  • Verifies certificate chain
  • Validates hostname matches
  • Checks expiration date
Configure warnings before certificate expiration:
  • 30 days before expiry
  • 7 days before expiry
  • 1 day before expiry
Separate incidents are created for SSL expiry warnings.
For development or self-signed certificates, you can disable SSL verification.
Only disable SSL verification for testing environments. Never disable it for production monitoring.

Slow Response Alerts

Monitor response time performance and get alerted when your service slows down:
1

Enable slow response monitoring

Slow Response Alert: Enabled
Threshold: 2000ms (2 seconds)
2

Incident creation

When response time exceeds the threshold, a separate “Slow Response” incident is created (distinct from downtime incidents).
3

Automatic resolution

The incident resolves when response time drops below 80% of the threshold for 3 consecutive checks.Example: With 2000ms threshold, incident resolves when response time is below 1600ms for 3 checks.
Slow response incidents are separate from downtime incidents. Your monitor can be “UP” but have an active slow response incident.

Response Time Breakdown

UptimeIO provides detailed timing information for each check: 
Total Response Time: 245ms
├── DNS Resolution: 12ms
├── TCP Connection: 45ms
├── TLS Handshake: 78ms
└── Server Response: 110ms
This breakdown helps you identify where delays occur:
  • DNS Resolution: DNS lookup time
  • TCP Connection: Time to establish TCP connection
  • TLS Handshake: SSL/TLS negotiation time
  • Server Response: Time for server to generate and send response

Cache Buster

Important for monitoring cached content: If your site uses caching (CDN, reverse proxy), UptimeIO might monitor the cached version instead of your actual server.
To bypass caches and monitor your origin server:
Add a random query parameter to your URL:
https://example.com?nocache=${timestamp}
Most caches treat different query strings as unique URLs.
Learn more about cache busting strategies in our blog post.

Best Practices

Create lightweight /health or /ping endpoints that:
  • Return quickly (< 100ms)
  • Check critical dependencies (database, cache)
  • Return meaningful status codes
  • Don’t perform heavy operations
  • Fast APIs: 5-10 seconds
  • Standard websites: 15-30 seconds
  • Heavy operations: 30-60 seconds
Avoid timeouts longer than 60 seconds.
Always use at least 2 regions to avoid false positives from regional network issues. For global services, monitor from 3-4 regions.
HEAD requests are faster and consume less bandwidth. Use them for simple availability checks where you don’t need the response body.

Example Configurations

Name: Company Homepage
URL: https://example.com
Method: GET
Expected Status: 200-299, 300-399
Timeout: 30s
Follow Redirects: Yes

Troubleshooting

  • Increase timeout value
  • Check if your server is slow to respond
  • Verify no firewall is blocking UptimeIO’s IP ranges
  • Check if SSL handshake is taking too long
  • Verify expected status codes match your endpoint’s behavior
  • Check if authentication is required
  • Ensure no redirects are occurring if you’re not following them
  • Verify the URL is correct
  • Ensure certificate is valid and not expired
  • Check certificate chain is complete
  • Verify hostname matches certificate
  • For self-signed certs, disable SSL verification (testing only)
  • Enable multi-region monitoring (at least 2 regions)
  • Increase timeout if server occasionally responds slowly
  • Check if your server blocks repeated requests (rate limiting)
  • Whitelist UptimeIO’s user agent if needed

Next Steps

Keyword Monitoring

Check for specific content on pages

Set Up Notifications

Configure alerts for HTTP monitors

API Reference

Create monitors via API

Status Pages

Show HTTP monitor status publicly