System Architecture
Built on patterns that survive production.
Decoupled Worker Nodes
Every check is a durable, queue-backed job. Workers run in isolated processes — a surge or crash never touches the API layer.
- Horizontal scale: add workers without config changes
- Automatic retries with exponential back-off
- Job deduplication prevents thundering herds
- Dead-letter queue for forensic failure analysis
Live Job Lifecycle
- API Gateway: POST /monitors/:id/check
- Redis BullMQ: queue:monitors — waiting
- Worker Node: HTTP ping → result emitted
Real-time WebSocket Updates
Results are pushed the moment a worker emits them. No polling, no stale dashboards — subscribers receive structured events in <5ms.
- Room-scoped broadcasts per monitor ID
- Reconnect with buffered event replay
- Binary-free JSON payloads stay inspector-friendly
- Server-side presence for multi-tab deduplication
SSRF Network Protection
The worker enforces a strict egress allowlist before dialling any URL. Private ranges and loopback addresses are blocked at the syscall boundary — not just validated.
- RFC-1918 + RFC-5735 ranges fully blocked
- IPv6 link-local and ULA ranges denied
- DNS resolution validated post-lookup (rebinding safe)
- Audit log for every blocked attempt
SSRF Shield — Egress Filter
- 10.0.0.0/8: RFC-1918 Private A
- 172.16.0.0/12: RFC-1918 Private B
- 192.168.0.0/16: RFC-1918 Private C
- 127.0.0.0/8: Loopback
- 169.254.0.0/16: Link-local / APIPA
- ::1/128: IPv6 Loopback
- fc00::/7: IPv6 ULA
0 private-range requests reach the network
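The post-lookup check described in this section, as an added Node.js example (not this product's own code): every resolved address is tested against the denied ranges, and the vetted IP is returned so the caller connects to it instead of resolving again. The names `vetAddresses`, `resolveAndVet`, `isDenied` and `auditLog` are hypothetical, the sample addresses are constructed, and Node.js is assumed because the page names BullMQ.

```javascript
const net = require('node:net');
const dns = require('node:dns');

// Ranges from the egress filter table, plus fe80::/10 for the
// "IPv6 link-local" bullet.
const DENIED = [
  ['10.0.0.0', 8, 'ipv4'], ['172.16.0.0', 12, 'ipv4'], ['192.168.0.0', 16, 'ipv4'],
  ['127.0.0.0', 8, 'ipv4'], ['169.254.0.0', 16, 'ipv4'],
  ['::1', 128, 'ipv6'], ['fc00::', 7, 'ipv6'], ['fe80::', 10, 'ipv6'],
];
const blockList = new net.BlockList();
for (const [prefix, bits, family] of DENIED) blockList.addSubnet(prefix, bits, family);

const auditLog = []; // hypothetical in-memory stand-in for the audit log

function isDenied(address) {
  // Check dotted IPv4-mapped IPv6 (::ffff:a.b.c.d) as the IPv4 address it embeds.
  const mapped = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/i.exec(address);
  const ip = mapped ? mapped[1] : address;
  const family = net.isIP(ip); // 4, 6, or 0 when the text is not an IP
  return family === 0 || blockList.check(ip, family === 6 ? 'ipv6' : 'ipv4');
}

// Vet every record one lookup returned. A single denied record rejects the
// hostname, so a mixed public/private answer cannot pass.
function vetAddresses(hostname, records) {
  const denied = records.map((r) => r.address).filter(isDenied);
  if (records.length === 0 || denied.length > 0) {
    auditLog.push({ hostname, denied });
    return { allowed: false, pinned: null };
  }
  // Connect to this exact IP, keeping the hostname for Host/SNI; resolving
  // again at connect time would reopen the rebinding window.
  return { allowed: true, pinned: records[0].address };
}

// Resolve once, vet, and return the decision with the pinned address.
async function resolveAndVet(hostname, lookup = dns.promises.lookup) {
  return vetAddresses(hostname, await lookup(hostname, { all: true }));
}

// Constructed lookup answers (no network needed): public, then mixed.
const publicOnly = [{ address: '93.184.216.34', family: 4 }];
const mixed = [...publicOnly, { address: '169.254.169.254', family: 4 }];
console.log(vetAddresses('status.example.test', publicOnly));
console.log(vetAddresses('rebind.example.test', mixed));
```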