T3 Monitoring: Professional TYPO3 Monitoring for Multi-Site Environments

Automatic monitoring of TYPO3 instances: Core versions, extension security, server configuration and performance. With email alerts, detailed reporting and a central dashboard.
Kurt Dirnbauer
Kurt Dirnbauer
CEO
Stable
TYPO3DevOpsSecurity

Overview

  • T3 Monitoring by Georg Ringer monitors multiple TYPO3 instances centrally: Core versions, extension security and server configuration.
  • Email alerts for outdated cores, insecure extensions and server issues; weekly reports and admin overviews.
  • T3 Monitoring perfectly complements the TYPO3 Updater: monitoring finds outdated instances, the updater executes updates.

Introduction  

Keeping an eye on multiple TYPO3 instances is challenging: Are all Core versions up to date? Are there security issues with extensions? Is the server configuration working correctly? T3 Monitoring by Georg Ringer offers the solution – a central monitoring platform that monitors all TYPO3 instances and automatically informs you about issues.

The extension is aimed at agencies, hosting providers, and IT departments that professionally manage multiple TYPO3 installations and want to proactively respond to security vulnerabilities and configuration problems.

Perfect Combination

T3 Monitoring perfectly complements the TYPO3 Updater: monitoring identifies outdated instances, the updater executes updates automatically. A continuous DevOps pipeline for TYPO3.

Table of Contents  

Why T3 Monitoring?  

Challenges in TYPO3 Management  

For agencies with many TYPO3 projects:

  • Manual checking of 20+ instances takes time and is prone to errors
  • Security updates are overlooked or rolled out with delays
  • Server configuration issues go unnoticed
  • No central overview of the status of all projects

For hosting providers:

  • Client instances must be proactively monitored
  • SLA requirements demand fast response times
  • Documentation and reporting for compliance
  • Scalable solution for hundreds of instances

For IT departments:

  • Enterprise requirements for monitoring and alerting
  • Audit-proof documentation of the security status
  • Automated reports for management
  • Minimisation of downtime through preventative maintenance

The Solution: T3 Monitoring  

T3 Monitoring offers a central monitoring instance that oversees all your TYPO3 installations:

    Central Monitoring

    A master installation monitors all client instances. Detailed lists, filters, and search functions for a quick overview.

    Automated Alerts

    Email notifications for outdated cores, insecure extensions, server issues, or unreachable instances.

    Comprehensive Reporting

    Weekly reports, admin overviews, and client-specific notifications with all relevant details.

Features in Detail  

Core Monitoring  

T3 Monitoring continuously monitors the TYPO3 version of each client instance:

Feature Set:

  • Version Tracking: Detection of outdated TYPO3 cores
  • Security Alerts: Warning for known security vulnerabilities
  • LTS Status: Distinction between LTS and non-LTS versions
  • Update Recommendations: Clear pointers to recommended updates
Security First

Outdated TYPO3 cores are a significant security risk. T3 Monitoring automatically identifies these instances and prioritises them in the reports.

Extension Security Monitoring  

The extension checks all installed extensions against the TYPO3 Extension Repository (TER) security database:

Checked Criteria:

  • Security advisories for installed extensions
  • Outdated extension versions
  • End-of-Life extensions
  • Recommended updates

Limitation:

  • Only extensions from the TER are monitored
  • Extensions installed via Composer without TER registration are not checked
TER vs. Packagist

Extensions that are exclusively installed via Packagist/Composer and are not registered in the TYPO3 Extension Repository cannot be automatically checked for security issues.

Server Configuration & Environment  

T3 Monitoring checks various server and PHP configurations:

Monitored Parameters:

  • PHP Version: Compatibility and support status
  • SCRIPT_FILENAME: Detection of OPcache issues during deployments with symlinks
  • Logging Configuration: Checking belogErrorReporting settings
  • Email Configuration: SMTP accessibility and functionality
  • Database Status: Connection and performance

Uptime Monitoring  

Basic availability checks for all registered clients:

How it works:

  • Regular HTTP requests to client instances
  • Timeout detection
  • Status code validation
  • DNS and SSL checks

Alert Configuration:

  • Configurable error threshold (e.g. only after 3 failed attempts)
  • Email notification for permanently unreachable instances
  • Collection of all failed clients in one report

Reporting & Notifications  

Email Reports: Practical Examples  

T3 Monitoring generates different report types for different target audiences:

Client Report – Weekly Status

Each client instance can receive an individual report via email:

Text
Monitoring report of your clients
=================================


Server1
-------------------------------------------------
https://www.server1.at
Insecure core:
Insecure extensions:
Extra dangers:
- SCRIPT_FILENAME contains current: The server configuration is not correct. PHPOpcache is caching the symlink switch when deploying. Please check the nginx configuration!


Shopo1
-------------------------------------------------

Failed Clients Report – Unreachable Instances

Separate report for unreachable clients:

Text
Monitoring report of failed clients
===================================

The following clients could not be reached!

Server2: https://www.server2.at

Server3: https://www.server3.at

Configuration:

  • Email recipients in Extension Configuration
  • Error threshold configurable (e.g. only after 3 failed attempts)
  • Frequency depending on the scheduler task

Admin Report – Global Overview

Summarising report for administrators covering all problematic clients:

Content:

  • All instances with security issues
  • Summary by criticality
  • Statistics and trends
  • Recommended actions

Frequency:

  • Configurable via Scheduler
  • Typically: daily or weekly

Installation & Setup  

Architecture  

T3 Monitoring consists of two components:

    Master Installation (t3monitoring)

    Central TYPO3 instance with the t3monitoring extension. Collects data from all clients, displays dashboards, and sends reports.

    Client Installation (t3monitoring_client)

    Is installed on every TYPO3 instance to be monitored. Provides data via API for the master installation.

Step 1: Client Installation  

On every TYPO3 instance that should be monitored:

Bash
# Via Composer
composer require georgringer/t3monitoring-client

# Activate extension
./vendor/bin/typo3 extension:activate t3monitoring_client

Configuration:

  • Define Secret Key (for API authentication)
  • Enter it in the Extension Configuration
  • Note down the access URL (e.g., https://example.com/t3monitoring-api)
API Endpoint

The client extension provides an API endpoint that is queried by the master installation. Ensure that this endpoint is accessible from the outside.

Step 2: Master Installation  

Set up the central monitoring instance:

Bash
# Via Composer
composer require georgringer/t3monitoring

# Activate extension
./vendor/bin/typo3 extension:activate t3monitoring

Configuration:

  1. Open Extension Configuration
  2. Define email recipients for reports
  3. Set error threshold (e.g., 3 failed attempts)

Step 3: Register Clients  

In the backend of the master installation:

  1. T3 Monitoring → Clients → New
  2. Enter client details:
    • Name
    • URL
    • API Secret
    • Email for client reports (optional)
  3. Save and start the first synchronisation

Step 4: Set up Scheduler Tasks  

Three Symfony Console Commands for automation:

CommandDescriptionRecommended Frequency
monitoring:importClientsUpdates data from all clientsHourly
reporting:clientSends client reports to configured email addressesWeekly
reporting:adminSends admin report with an overview of all problematic clientsDaily/Weekly

Scheduler Configuration:

Bash
# Import every 60 minutes
0 * * * * /path/to/typo3/console monitoring:importClients

# Client reports every Monday at 8:00
0 8 * * 1 /path/to/typo3/console reporting:client

# Admin report daily at 7:00
0 7 * * * /path/to/typo3/console reporting:admin --email=admin@example.com

Backend: Dashboard & Lists  

Dashboard Overview  

The T3 Monitoring backend offers various views:

Main functions:

  • Client List: All registered instances with status
  • Filter: By TYPO3 version, security status, uptime
  • Search: Quick finding of specific clients
  • Detail View: Complete information on each instance
T3 Monitoring Dashboard Overview

Dashboard overview of all TYPO3 instances: The central dashboard shows the status of all monitored sites at a glance. It displays: unreachable instances, insecure core versions, outdated cores, insecure extensions, outdated extensions, as well as additional warnings and errors. Colour-coded status indicators (green = OK, red = action required) allow for quick prioritisation of maintenance work.

List of all TYPO3 instances

Client list with basic information: The overview list displays all registered TYPO3 instances with the most important basic data. For each instance, the name, URL, TYPO3 version, PHP version, and current status are shown. Filter and sorting functions enable quick navigation, even with many instances.

Detail View per Client  

Available for each registered client:

Information:

  • TYPO3 version and type (Classic/Composer)
  • PHP version
  • Installed extensions with versions
  • Security status of each extension
  • Server configuration
  • Last synchronisation
  • History

Actions:

  • Manual update of data
  • Edit client
  • Reports preview
Detail view of a TYPO3 instance

Instance detail view with complete information: The detail view of a single TYPO3 instance provides comprehensive information about all relevant system parameters. It displays the TYPO3 core version and installation type (Classic/Composer), PHP version and server configuration, all installed extensions with their version numbers, security status of each extension, server warnings and errors, as well as the timestamp of the last synchronisation. This view serves as the central information source for all maintenance-relevant data of an instance.

Extension details of a TYPO3 instance

Extension detail view: This view shows detailed information on all installed extensions of a TYPO3 instance. For each extension, the extension key, currently installed version, available updates, security status (secure/insecure), and dependencies are displayed. Particularly important is the highlighting of extensions with known security vulnerabilities or available security updates. The tabular presentation allows for a quick overview of the maintenance needs at the extension level.

Integration: T3 Monitoring + TYPO3 Updater  

The combination of T3 Monitoring and TYPO3 Updater creates a continuous DevOps pipeline:

Workflow Integration  

Monitoring identifies updates

T3 Monitoring detects outdated cores and insecure extensions. A weekly report lists all affected instances.

Prioritisation by severity

Administrators decide which updates to execute first based on security severity and business impact.

TYPO3 Updater executes updates

Automated update pipeline with Composer updates, visual tests, and deployment.

Monitoring confirms success

After the update, T3 Monitoring synchronises the data and confirms the updated versions.

Advantages of the Combination  

    Proactive Maintenance

    Monitoring identifies the need for action early. Minimal manual intervention required.

    Quality Assurance

    Monitoring checks the security status before and after updates. The Updater runs visual regression tests. Complete documentation.

    Time & Cost Savings

    Manual checking is eliminated. Updates run semi-automatically. Reports document all changes.

    Compliance & Audit

    Seamless documentation of the security status. Proof of update processes. SLA-compliant response times.

Pricing & Licensing  

T3 Monitoring is an open-source extension by Georg Ringer with optional commercial support:

License & Usage  

Open Source:

Commercial Support: Georg Ringer offers professional support and custom development:

  • Setup Support: Installation and configuration of your monitoring instance
  • Custom Features: Adaptations to your specific requirements
  • Priority Support: Direct communication in case of issues
  • SLA Contracts: Guaranteed response times for enterprise clients
Contact Support

For pricing and inquiries regarding commercial support, contact Georg Ringer directly via:

Donation Options  

Support the development:

Technical Requirements  

System Requirements  

FeatureMaster InstallationClient Installation
TYPO3 Version12 LTS12 LTS
PHP Version8.2 - 8.48.2 - 8.4
Composer Mode
DatabaseMySQL/MariaDB/PostgreSQL-
Scheduler/Cron
External Accessibility
Client API Accessibility

The client instances must be accessible from the master installation. Ensure that firewalls and web servers are configured accordingly.

Supported TYPO3 Versions  

The extension supports various TYPO3 versions:

Current Version (3.0.2):

  • TYPO3 12 LTS (12.4.0 - 12.4.99)

Legacy Versions:

  • Version 2.0.0: TYPO3 8 LTS
  • Version 1.0.x: TYPO3 7-8 LTS

Use Cases & Best Practices  

Agency with 20+ TYPO3 Projects  

Initial Situation:

  • 25 TYPO3 instances with various hosting providers
  • Manual checking takes 2-3 hours per week
  • Security updates are sometimes overlooked
  • No central documentation

Solution with T3 Monitoring:

  • Time savings through automation: 85%
  • Reduction of overlooked updates: 100%
  • Improvement of security compliance: 95%
  • Client satisfaction: 90%

Result:

  • Weekly reports automatically via email
  • Immediate alerts for critical security issues
  • Documentation for compliance generated automatically
  • Combination with TYPO3 Updater: updates largely automated

Hosting Provider with 100+ Clients  

Initial Situation:

  • Various TYPO3 versions in use
  • SLA commitments towards clients
  • No proactive monitoring
  • Reactive maintenance only when issues arise

Solution with T3 Monitoring:

  1. Central master installation
  2. All client instances registered as clients
  3. Automatic daily checks
  4. Clients receive weekly status reports
  5. Admin team receives a prioritisation list

Result:

  • Proactive maintenance instead of reactive problem-solving
  • SLA fulfilment through automatic documentation
  • Higher client satisfaction through transparent reports
  • Scalable solution for further growth

Enterprise IT Department  

Initial Situation:

  • 5 TYPO3 instances (intranet, external websites)
  • Compliance requirements (ISO, GDPR)
  • Audit proofs required
  • Internal SLAs for security updates

Solution with T3 Monitoring:

  • Integration into existing monitoring (e.g., Nagios/Zabbix via API)
  • Automatic reports to the security team
  • Audit trail through history
  • Escalation process for critical issues

Result:

  • Compliance proofs automated
  • Reduced audit costs
  • Faster response times for security issues
  • Transparency for management

Limitations & Workarounds  

Known Limitations  

Extension Security only for TER extensions:

Packagist-Only Extensions

Extensions that are exclusively installed via Packagist and are not registered in the TYPO3 Extension Repository cannot be automatically checked for security issues.

Workaround:

  • Manual checking of important Packagist extensions via GitHub Security Advisories
  • Integrate dependency scanning tools like Dependabot
  • Develop custom monitoring for critical extensions

Server configuration checks limited:

  • Not all server parameters are checked
  • Complex setups (load balancers, CDN) only partially supported

Workaround:

  • Supplement with dedicated server monitoring tools (Prometheus, Grafana)
  • Custom checks via extension development

Conclusion & Recommendation  

T3 Monitoring is an indispensable extension for professional TYPO3 management:

When is T3 Monitoring worthwhile?  

Clear recommendation for:

  • Agencies with 5+ TYPO3 projects
  • Hosting providers with TYPO3 clients
  • IT departments with compliance requirements
  • Anyone who takes security seriously

Potentially oversized for:

  • A single TYPO3 instance without critical requirements
  • Very small projects with no security risk
  • Teams without DevOps processes

Why we recommend T3 Monitoring  

    Professional & Proven

    Developed by Georg Ringer, one of the most active TYPO3 core developers. Used in production by hundreds of agencies worldwide.

    Open Source & Extensible

    GPL license, active community, regular updates. Custom features can be developed.

    Time & Cost Savings

    ROI within just a few weeks through automation. Reduced security risks minimise potential damage.

    Perfect DevOps Integration

    Combination with TYPO3 Updater creates a continuous pipeline. Monitoring → Update → Verification.

Next Steps  

1. Test the extension:

  • Set up master installation
  • Register 2-3 test clients
  • Evaluate reports

2. Production rollout:

  • Add all TYPO3 instances as clients
  • Configure scheduler tasks
  • Set up email notifications

3. Optional: Integrate TYPO3 Updater

  • Monitoring identifies updates
  • Updater executes them semi-automatically
  • Complete DevOps pipeline
Absolute Recommendation

T3 Monitoring is a fantastic extension for professional TYPO3 management. The combination with TYPO3 Updater creates an outstanding infrastructure for multi-site environments.

Further Resources  

Links & Documentation  

Extension Repository:

Source Code:

Author & Support:

Related Articles  

Back to the list

Let's talk about your project

Get in touch

Locations

  • Mattersburg
    Johann Nepomuk Bergerstraße 7/2/14
    7210 Mattersburg, Austria
  • Vienna
    Ungargasse 64-66/3/404
    1030 Wien, Austria

Parts of this content were created with the assistance of AI.