src/content/docs/whp/add-ons/monitoring.mdx

---
title: Monitoring (AI Monitor)
description: Proactive alerts for site errors, brute-force attempts, and exploit signatures.
sidebar:
  order: 2
---

import PaidAddon from '~/content/partials/paid-addon-callout.mdx';
import Support from '~/content/partials/support-link.mdx';

<PaidAddon />

## What it does

AI Monitor watches your site's logs, error rates, and access patterns in the background. If something looks unusual — a sustained spike in 500 errors, a brute-force pattern against a login page, a request matching a known exploit signature — you get an alert.

By default alerts go to the contact email on your account; SMS is available for critical-severity events if you opt in.

## What's included

- **Real-time log scanning** across PHP, Apache, and access logs.
- **Brute-force detection** on auth endpoints (WordPress wp-login.php, generic /login, mail auth, SFTP).
- **Exploit-signature alerts** with severity grading (informational, warning, critical).
- **Per-rule ignore lists** so you can mute things you've already triaged or know are harmless for your site.
- **SMS notifications** for critical-severity alerts (configurable; off by default).

## How to enable

From the [client portal](https://secure.anhonesthost.com/clientarea.php), go to your hosting service → **Upgrade/Downgrade** → pick Monitoring.

## Where it lives in WHP

Once enabled, find it in the sidebar: **Security → AI Monitor**.

![AI Monitor in WHP](~/assets/screenshots/whp/whp-monitor.png)

You'll see a feed of events, severity badges, and counts. Click an event for the full log context.

## Tuning false positives

Some signatures are noisier than others — for example, a security scanner you run yourself will trip every exploit-signature rule. Open the rule from the event detail and click **Ignore** to mute it for your account; the rule stays active for everyone else.

If you find yourself muting a rule frequently, [open a ticket](https://secure.anhonesthost.com/submitticket.php) — we may be able to tune the underlying rule for everyone instead of you suppressing each instance.

## Related

- [Add-ons overview](/whp/add-ons/overview/)

## Still stuck?

<Support />
docs(whp): add reference + 5 add-on articles, env.d.ts for font CSS imports 2026-05-17 10:34:43 -07:00			`---`
			`title: Monitoring (AI Monitor)`
			`description: Proactive alerts for site errors, brute-force attempts, and exploit signatures.`
			`sidebar:`
			`order: 2`
			`---`

			`import PaidAddon from '~/content/partials/paid-addon-callout.mdx';`
			`import Support from '~/content/partials/support-link.mdx';`

			`<PaidAddon />`

			`## What it does`

			`AI Monitor watches your site's logs, error rates, and access patterns in the background. If something looks unusual — a sustained spike in 500 errors, a brute-force pattern against a login page, a request matching a known exploit signature — you get an alert.`

			`By default alerts go to the contact email on your account; SMS is available for critical-severity events if you opt in.`

			`## What's included`

			`- Real-time log scanning across PHP, Apache, and access logs.`
			`- Brute-force detection on auth endpoints (WordPress wp-login.php, generic /login, mail auth, SFTP).`
			`- Exploit-signature alerts with severity grading (informational, warning, critical).`
			`- Per-rule ignore lists so you can mute things you've already triaged or know are harmless for your site.`
			`- SMS notifications for critical-severity alerts (configurable; off by default).`

			`## How to enable`

			`From the [client portal](https://secure.anhonesthost.com/clientarea.php), go to your hosting service → Upgrade/Downgrade → pick Monitoring.`

			`## Where it lives in WHP`

			`Once enabled, find it in the sidebar: Security → AI Monitor.`

			`![AI Monitor in WHP](~/assets/screenshots/whp/whp-monitor.png)`

			`You'll see a feed of events, severity badges, and counts. Click an event for the full log context.`

			`## Tuning false positives`

			`Some signatures are noisier than others — for example, a security scanner you run yourself will trip every exploit-signature rule. Open the rule from the event detail and click Ignore to mute it for your account; the rule stays active for everyone else.`

			`If you find yourself muting a rule frequently, [open a ticket](https://secure.anhonesthost.com/submitticket.php) — we may be able to tune the underlying rule for everyone instead of you suppressing each instance.`

			`## Related`

			`- [Add-ons overview](/whp/add-ons/overview/)`

			`## Still stuck?`

			`<Support />`