DEV Community: Serg Petrov The latest articles on DEV Community by Serg Petrov (@p12se). https://dev.to/p12se https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F454095%2F663d7af9-e477-4cda-8c0e-9c0a6cbeecfe.png DEV Community: Serg Petrov https://dev.to/p12se en Docker Compose Is Documentation That Actually Runs Serg Petrov Wed, 28 Jan 2026 15:01:18 +0000 https://dev.to/p12se/docker-compose-is-documentation-that-actually-runs-5b4o https://dev.to/p12se/docker-compose-is-documentation-that-actually-runs-5b4o <p>Two projects. Both have Dockerfiles. One takes me 20 minutes to figure out how to run. The other - 30 seconds.</p> <p>The difference? The second one has a <code>docker-compose.yml</code>.</p> <p>That file told me everything: what ports to expose, what services it depends on, what environment variables it needs, what volumes to mount. The Dockerfile only told me how to build.</p> <p>Compose isn't just a convenience tool. It's executable documentation.</p> <h2> The "I'll Just Remember It" Trap </h2> <p>A year ago I was debugging a service that hadn't been touched in months. The Dockerfile was there. Clean, multi-stage, optimized. Professional.</p> <p>No Compose file. Just a Dockerfile and a README that said "see Dockerfile."</p> <p>How do I run it?<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker build <span class="nt">-t</span> myservice <span class="nb">.</span> docker run myservice </code></pre> </div> <p>Container crashes. Missing environment variables. Okay, which ones?</p> <p>I open <code>config/config.go</code>. There's a struct with 15 fields loaded via envconfig. Three have defaults. The rest? Required, apparently. The README mentions DATABASE_URL and that's it - the rest are "obvious."</p> <p>I check git history. Find a Slack message from six months ago:</p> <blockquote> <p>"run it with <code>-e DATABASE_URL=... -e REDIS_URL=... -e SECRET_KEY=... -v $(pwd)/config:/app/config -p 8080:8080 --network=backend</code>"</p> </blockquote> <p>This is not engineering. This is archeology.</p> <h2> Compose as the Single Source of Truth </h2> <p>Now compare:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">myservice</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">.</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">8080:8080"</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">DATABASE_URL=postgres://db:5432/app</span> <span class="pi">-</span> <span class="s">REDIS_URL=redis://redis:6379</span> <span class="pi">-</span> <span class="s">SECRET_KEY=${SECRET_KEY}</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">./config:/app/config</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">db</span> <span class="pi">-</span> <span class="s">redis</span> </code></pre> </div> <p>I open this file and I know everything:</p> <ul> <li>What ports it exposes</li> <li>What services it needs</li> <li>What config it expects</li> <li>What volumes it mounts</li> </ul> <p>No Slack archeology. No guessing. The documentation is the code.</p> <h2> The "But I Only Have One Container" Argument </h2> <p>People say: "I don't need Compose, I only have one service."</p> <p>I disagree. Here's why.</p> <p><strong>Reason 1: You'll forget.</strong></p> <p><code>docker run</code> commands grow. First it's just <code>-p 3000:3000</code>. Then you add a volume. Then environment variables. Then a network. Six months later you have a 200-character command and zero memory of why each flag is there.</p> <p><strong>Reason 2: You'll hate yourself.</strong></p> <p>Coming back to a project after a few months:</p> <p><code>docker run -d --name app -p 3000:3000 -v $(pwd):/app -v /app/node_modules -e NODE_ENV=development -e DATABASE_URL=postgres://... -e REDIS_URL=redis://... -e JWT_SECRET=... --network app-network app:dev</code></p> <p>vs.</p> <p><code>docker compose up</code></p> <p><strong>Reason 3: Compose files are diffable.</strong></p> <p>When someone changes the configuration, I see it in the PR. Clear diff. Clear history. With shell commands? Good luck tracking what changed.</p> <h2> The Things That Bit Me </h2> <h3> depends_on Lies to You </h3> <p>I wrote this and expected it to work:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">db</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:15</span> <span class="na">app</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">.</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">db</span> </code></pre> </div> <p>App crashed on startup. "Connection refused."</p> <p><code>depends_on</code> doesn't wait for the service to be <em>ready</em>. It waits for the container to <em>start</em>. Postgres takes a few seconds to initialize. My app tried to connect immediately. Boom.</p> <p>The fix:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">db</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:15</span> <span class="na">healthcheck</span><span class="pi">:</span> <span class="na">test</span><span class="pi">:</span> <span class="pi">[</span><span class="s2">"</span><span class="s">CMD-SHELL"</span><span class="pi">,</span> <span class="s2">"</span><span class="s">pg_isready</span><span class="nv"> </span><span class="s">-U</span><span class="nv"> </span><span class="s">postgres"</span><span class="pi">]</span> <span class="na">interval</span><span class="pi">:</span> <span class="s">2s</span> <span class="na">timeout</span><span class="pi">:</span> <span class="s">5s</span> <span class="na">retries</span><span class="pi">:</span> <span class="m">10</span> <span class="na">app</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">.</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="na">db</span><span class="pi">:</span> <span class="na">condition</span><span class="pi">:</span> <span class="s">service_healthy</span> </code></pre> </div> <p>Now Compose actually waits until Postgres responds to connections.</p> <p>I've seen production deployments break because of this. People blame Docker. It's not Docker's fault - <code>depends_on</code> just doesn't do what you think it does. (<a href="https://docs.docker.com/compose/how-tos/startup-order/" rel="noopener noreferrer">docs</a>)</p> <h3> Anonymous Volumes Are a Trap (<a href="https://docs.docker.com/engine/storage/volumes/" rel="noopener noreferrer">docs</a>) </h3> <p>This looks innocent:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">/app/node_modules</span> </code></pre> </div> <p>It creates an anonymous volume. Works great until you need to:</p> <ul> <li>Find it (<code>docker volume ls</code> shows a random hash)</li> <li>Back it up (which volume is which?)</li> <li>Clean it up (orphaned volumes everywhere)</li> </ul> <p>Named volumes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">node_modules:/app/node_modules</span> <span class="na">volumes</span><span class="pi">:</span> <span class="na">node_modules</span><span class="pi">:</span> </code></pre> </div> <p>Now it's called <code>projectname_node_modules</code>. Searchable. Deletable. Manageable.</p> <h3> The Override File Nobody Reads About </h3> <p>Compose automatically merges <code>docker-compose.override.yml</code> if it exists (<a href="https://docs.docker.com/compose/how-tos/multiple-compose-files/merge/" rel="noopener noreferrer">docs</a>). No flags needed. Same with <code>.env</code> - it loads automatically, no <code>env_file</code> directive required (<a href="https://docs.docker.com/compose/how-tos/environment-variables/set-environment-variables/" rel="noopener noreferrer">docs</a>).</p> <p>I use this pattern:</p> <p><strong>docker-compose.yml</strong> - production-like defaults, committed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">myapp:1.2.3</span> <span class="c1"># pin versions in prod, never use :latest</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">NODE_ENV=production</span> </code></pre> </div> <p><strong>docker-compose.override.yml</strong> - dev settings, also committed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">.</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">.:/app</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">NODE_ENV=development</span> </code></pre> </div> <p>Run <code>docker compose up</code> - you get development mode.</p> <p>Run <code>docker compose -f docker-compose.yml up</code> - you get production mode.</p> <p>No separate "dev" and "prod" compose files. No confusion about which one to use.</p> <h2> The Pattern That Changed Everything </h2> <p>Profiles (<a href="https://docs.docker.com/compose/how-tos/profiles/" rel="noopener noreferrer">docs</a>). Added in Compose 1.28, still underused.</p> <p>Before profiles, I had this mess:</p> <ul> <li><code>docker-compose.yml</code></li> <li><code>docker-compose.dev.yml</code></li> <li><code>docker-compose.test.yml</code></li> <li><code>docker-compose.monitoring.yml</code></li> </ul> <p>With profiles:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">.</span> <span class="c1"># Always runs</span> <span class="na">db</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:15</span> <span class="na">profiles</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">dev</span><span class="pi">]</span> <span class="na">redis</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">redis:7</span> <span class="na">profiles</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">dev</span><span class="pi">]</span> <span class="na">prometheus</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">prom/prometheus</span> <span class="na">profiles</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">monitoring</span><span class="pi">]</span> <span class="na">grafana</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">grafana/grafana</span> <span class="na">profiles</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">monitoring</span><span class="pi">]</span> <span class="na">test-db</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:15</span> <span class="na">profiles</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">test</span><span class="pi">]</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">POSTGRES_DB=test</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker compose up <span class="c"># just app</span> docker compose <span class="nt">--profile</span> dev up <span class="c"># app + db + redis</span> docker compose <span class="nt">--profile</span> monitoring up <span class="c"># app + prometheus + grafana</span> docker compose <span class="nt">--profile</span> dev <span class="nt">--profile</span> monitoring up <span class="c"># combine profiles</span> </code></pre> </div> <p>One file. Clear intent. No YAML soup.</p> <h2> The Commands Nobody Told Me About </h2> <h3> <code>docker compose up --wait</code> (<a href="https://docs.docker.com/reference/cli/docker/compose/up/" rel="noopener noreferrer">docs</a>) </h3> <p>Most people run <code>docker compose up -d</code> and then manually check if everything started. There's a better way:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker compose up <span class="nt">-d</span> <span class="nt">--wait</span> </code></pre> </div> <p>This returns control only when all services with healthchecks are healthy. Perfect for CI pipelines and scripts.</p> <h3> <code>docker compose config</code> (<a href="https://docs.docker.com/reference/cli/docker/compose/config/" rel="noopener noreferrer">docs</a>) </h3> <p>Your compose file uses variables and overrides. What's the actual final config?<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker compose config </code></pre> </div> <p>Shows the fully resolved YAML after all interpolation and merging. Saved me hours of "why isn't this variable working" debugging.</p> <h3> <code>docker compose watch</code> (<a href="https://docs.docker.com/compose/how-tos/file-watch/" rel="noopener noreferrer">docs</a>) </h3> <p>Volumes for hot reload are messy. They sync <code>node_modules</code> back and forth, cause permission issues, and slow things down.</p> <p>Compose 2.22+ has a better way:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">.</span> <span class="na">develop</span><span class="pi">:</span> <span class="na">watch</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">action</span><span class="pi">:</span> <span class="s">rebuild</span> <span class="na">path</span><span class="pi">:</span> <span class="s">./package.json</span> <span class="pi">-</span> <span class="na">action</span><span class="pi">:</span> <span class="s">sync</span> <span class="na">path</span><span class="pi">:</span> <span class="s">./src</span> <span class="na">target</span><span class="pi">:</span> <span class="s">/app/src</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker compose watch </code></pre> </div> <p>File changes trigger rebuilds or syncs automatically. No bidirectional volume chaos.</p> <h2> Small Things That Matter </h2> <h3> Environment variable defaults (<a href="https://docs.docker.com/compose/how-tos/environment-variables/variable-interpolation/" rel="noopener noreferrer">docs</a>) </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">${PORT:-3000}:3000"</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">LOG_LEVEL=${LOG_LEVEL:-info}</span> </code></pre> </div> <p>If the variable isn't set, use the default. No more "variable not found" crashes.</p> <h3> <code>init: true</code> (<a href="https://docs.docker.com/reference/compose-file/services/#init" rel="noopener noreferrer">docs</a>) </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="na">init</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <p>One line. Proper signal handling. No zombie processes. Your containers will actually stop when you ask them to.</p> <h3> tmpfs for test databases (<a href="https://docs.docker.com/engine/storage/tmpfs/" rel="noopener noreferrer">docs</a>) </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">test-db</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:15</span> <span class="na">tmpfs</span><span class="pi">:</span> <span class="s">/var/lib/postgresql/data</span> </code></pre> </div> <p>Database runs entirely in memory. Tests run faster. Nothing persists between runs - which is exactly what you want for tests.</p> <h3> YAML anchors for DRY (<a href="https://docs.docker.com/reference/compose-file/fragments/" rel="noopener noreferrer">docs</a>) </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">x-logging</span><span class="pi">:</span> <span class="nl">&amp;default-logging</span> <span class="na">logging</span><span class="pi">:</span> <span class="na">driver</span><span class="pi">:</span> <span class="s">json-file</span> <span class="na">options</span><span class="pi">:</span> <span class="na">max-size</span><span class="pi">:</span> <span class="s2">"</span><span class="s">10m"</span> <span class="na">max-file</span><span class="pi">:</span> <span class="s2">"</span><span class="s">3"</span> <span class="na">services</span><span class="pi">:</span> <span class="na">app</span><span class="pi">:</span> <span class="na">&lt;&lt;</span><span class="pi">:</span> <span class="nv">*default-logging</span> <span class="na">build</span><span class="pi">:</span> <span class="s">.</span> <span class="na">worker</span><span class="pi">:</span> <span class="na">&lt;&lt;</span><span class="pi">:</span> <span class="nv">*default-logging</span> <span class="na">build</span><span class="pi">:</span> <span class="s">./worker</span> </code></pre> </div> <p>Define once, reuse everywhere. The <code>x-</code> prefix marks it as an extension (<a href="https://docs.docker.com/reference/compose-file/extension/" rel="noopener noreferrer">docs</a>) - Compose ignores it, but YAML anchors still work.</p> <h2> The Compose File as Contract </h2> <p>Here's how I think about it now.</p> <p>A Dockerfile answers: "How do I build this?"</p> <p>A docker-compose.yml answers: "How does this run in context?"</p> <p>Context means:</p> <ul> <li>What other services does it need?</li> <li>What configuration does it expect?</li> <li>What ports does it expose?</li> <li>What data does it persist?</li> </ul> <p>Without this context, a Dockerfile is just a build recipe. With Compose, it becomes a runnable system.</p> <p><em>The best infrastructure is the one you don't have to explain. Write it down in a way that runs.</em></p> productivity programming devops webdev Why Most SSL Certificate Monitors Are Blind (And How to Fix It) Serg Petrov Thu, 22 Jan 2026 16:40:13 +0000 https://dev.to/p12se/why-most-ssl-certificate-monitors-are-blind-and-how-to-fix-it-2md1 https://dev.to/p12se/why-most-ssl-certificate-monitors-are-blind-and-how-to-fix-it-2md1 <p>Google "golang check ssl certificate" and every example looks like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">conn</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">tls</span><span class="o">.</span><span class="n">Dial</span><span class="p">(</span><span class="s">"tcp"</span><span class="p">,</span> <span class="s">"example.com:443"</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">tls</span><span class="o">.</span><span class="n">Config</span><span class="p">{</span><span class="n">InsecureSkipVerify</span><span class="o">:</span> <span class="no">true</span><span class="p">})</span> <span class="n">cert</span> <span class="o">:=</span> <span class="n">conn</span><span class="o">.</span><span class="n">ConnectionState</span><span class="p">()</span><span class="o">.</span><span class="n">PeerCertificates</span><span class="p">[</span><span class="m">0</span><span class="p">]</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="n">cert</span><span class="o">.</span><span class="n">NotAfter</span><span class="p">)</span> <span class="c">// 2026-03-16</span> </code></pre> </div> <p>53 days left. Great. Ship it.</p> <p>But your monitor just became blind to 3 out of 4 certificate problems.</p> <h2> The InsecureSkipVerify trap </h2> <p><code>InsecureSkipVerify: true</code> skips all certificate validation - expiry, trust chain, hostname match. The connection is still encrypted, but Go won't check if the cert is actually valid.</p> <p>Why do examples use it? Without it, Go refuses to connect if anything is wrong. You get an error instead of certificate details. For a quick script, that's inconvenient.</p> <p>For monitoring, it's dangerous:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Problem</th> <th>What users see</th> <th>What your monitor shows</th> </tr> </thead> <tbody> <tr> <td>Self-signed cert</td> <td>Browser warning</td> <td>"53 days left"</td> </tr> <tr> <td>Wrong domain</td> <td>Browser warning</td> <td>"53 days left"</td> </tr> <tr> <td>Untrusted CA</td> <td>Browser warning</td> <td>"53 days left"</td> </tr> <tr> <td>Expired cert</td> <td>Browser warning</td> <td>"Expired"</td> </tr> </tbody> </table></div> <p>Three problems go undetected. Your monitor says everything is fine while users can't access your site.</p> <h2> The fix: two-step check </h2> <p>First, try a normal connection. If it succeeds, the certificate is valid. If it fails, make a second connection with <code>InsecureSkipVerify</code> to get the details anyway.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">checkCert</span><span class="p">(</span><span class="n">host</span> <span class="kt">string</span><span class="p">)</span> <span class="n">CertStatus</span> <span class="p">{</span> <span class="n">status</span> <span class="o">:=</span> <span class="n">CertStatus</span><span class="p">{</span><span class="n">Host</span><span class="o">:</span> <span class="n">host</span><span class="p">}</span> <span class="n">dialer</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">net</span><span class="o">.</span><span class="n">Dialer</span><span class="p">{</span><span class="n">Timeout</span><span class="o">:</span> <span class="m">10</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Second</span><span class="p">}</span> <span class="c">// Step 1: Try normal connection (validates certificate)</span> <span class="n">conn</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">tls</span><span class="o">.</span><span class="n">DialWithDialer</span><span class="p">(</span><span class="n">dialer</span><span class="p">,</span> <span class="s">"tcp"</span><span class="p">,</span> <span class="n">host</span><span class="o">+</span><span class="s">":443"</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">==</span> <span class="no">nil</span> <span class="p">{</span> <span class="c">// Certificate is valid - get details</span> <span class="n">cert</span> <span class="o">:=</span> <span class="n">conn</span><span class="o">.</span><span class="n">ConnectionState</span><span class="p">()</span><span class="o">.</span><span class="n">PeerCertificates</span><span class="p">[</span><span class="m">0</span><span class="p">]</span> <span class="n">status</span><span class="o">.</span><span class="n">IsValid</span> <span class="o">=</span> <span class="no">true</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span> <span class="o">=</span> <span class="kt">int</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Until</span><span class="p">(</span><span class="n">cert</span><span class="o">.</span><span class="n">NotAfter</span><span class="p">)</span><span class="o">.</span><span class="n">Hours</span><span class="p">()</span> <span class="o">/</span> <span class="m">24</span><span class="p">)</span> <span class="n">conn</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="k">return</span> <span class="n">status</span> <span class="p">}</span> <span class="c">// Step 2: Validation failed - get details anyway</span> <span class="n">status</span><span class="o">.</span><span class="n">ValidationError</span> <span class="o">=</span> <span class="n">err</span><span class="o">.</span><span class="n">Error</span><span class="p">()</span> <span class="n">conn</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">tls</span><span class="o">.</span><span class="n">DialWithDialer</span><span class="p">(</span><span class="n">dialer</span><span class="p">,</span> <span class="s">"tcp"</span><span class="p">,</span> <span class="n">host</span><span class="o">+</span><span class="s">":443"</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">tls</span><span class="o">.</span><span class="n">Config</span><span class="p">{</span><span class="n">InsecureSkipVerify</span><span class="o">:</span> <span class="no">true</span><span class="p">})</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">status</span><span class="o">.</span><span class="n">Error</span> <span class="o">=</span> <span class="n">err</span><span class="o">.</span><span class="n">Error</span><span class="p">()</span> <span class="k">return</span> <span class="n">status</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">conn</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">cert</span> <span class="o">:=</span> <span class="n">conn</span><span class="o">.</span><span class="n">ConnectionState</span><span class="p">()</span><span class="o">.</span><span class="n">PeerCertificates</span><span class="p">[</span><span class="m">0</span><span class="p">]</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span> <span class="o">=</span> <span class="kt">int</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Until</span><span class="p">(</span><span class="n">cert</span><span class="o">.</span><span class="n">NotAfter</span><span class="p">)</span><span class="o">.</span><span class="n">Hours</span><span class="p">()</span> <span class="o">/</span> <span class="m">24</span><span class="p">)</span> <span class="k">return</span> <span class="n">status</span> <span class="p">}</span> </code></pre> </div> <p>Now you see both: validity status AND expiry dates. A self-signed cert with 2 years left is still a problem your users will hit.</p> <h2> Complete monitor </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"crypto/tls"</span> <span class="s">"fmt"</span> <span class="s">"net"</span> <span class="s">"time"</span> <span class="p">)</span> <span class="k">type</span> <span class="n">CertStatus</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="n">ExpiresAt</span> <span class="n">time</span><span class="o">.</span><span class="n">Time</span> <span class="n">DaysLeft</span> <span class="kt">int</span> <span class="n">Issuer</span> <span class="kt">string</span> <span class="n">IsValid</span> <span class="kt">bool</span> <span class="n">ValidationError</span> <span class="kt">string</span> <span class="n">Error</span> <span class="kt">string</span> <span class="p">}</span> <span class="k">func</span> <span class="n">checkCert</span><span class="p">(</span><span class="n">host</span> <span class="kt">string</span><span class="p">)</span> <span class="n">CertStatus</span> <span class="p">{</span> <span class="n">status</span> <span class="o">:=</span> <span class="n">CertStatus</span><span class="p">{</span><span class="n">Host</span><span class="o">:</span> <span class="n">host</span><span class="p">}</span> <span class="n">dialer</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">net</span><span class="o">.</span><span class="n">Dialer</span><span class="p">{</span><span class="n">Timeout</span><span class="o">:</span> <span class="m">10</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Second</span><span class="p">}</span> <span class="c">// Step 1: Try normal connection (validates certificate)</span> <span class="n">conn</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">tls</span><span class="o">.</span><span class="n">DialWithDialer</span><span class="p">(</span><span class="n">dialer</span><span class="p">,</span> <span class="s">"tcp"</span><span class="p">,</span> <span class="n">host</span><span class="o">+</span><span class="s">":443"</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">==</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">cert</span> <span class="o">:=</span> <span class="n">conn</span><span class="o">.</span><span class="n">ConnectionState</span><span class="p">()</span><span class="o">.</span><span class="n">PeerCertificates</span><span class="p">[</span><span class="m">0</span><span class="p">]</span> <span class="n">status</span><span class="o">.</span><span class="n">ExpiresAt</span> <span class="o">=</span> <span class="n">cert</span><span class="o">.</span><span class="n">NotAfter</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span> <span class="o">=</span> <span class="kt">int</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Until</span><span class="p">(</span><span class="n">cert</span><span class="o">.</span><span class="n">NotAfter</span><span class="p">)</span><span class="o">.</span><span class="n">Hours</span><span class="p">()</span> <span class="o">/</span> <span class="m">24</span><span class="p">)</span> <span class="n">status</span><span class="o">.</span><span class="n">Issuer</span> <span class="o">=</span> <span class="n">cert</span><span class="o">.</span><span class="n">Issuer</span><span class="o">.</span><span class="n">CommonName</span> <span class="n">status</span><span class="o">.</span><span class="n">IsValid</span> <span class="o">=</span> <span class="no">true</span> <span class="n">conn</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="k">return</span> <span class="n">status</span> <span class="p">}</span> <span class="c">// Step 2: Validation failed - get details anyway</span> <span class="n">status</span><span class="o">.</span><span class="n">ValidationError</span> <span class="o">=</span> <span class="n">err</span><span class="o">.</span><span class="n">Error</span><span class="p">()</span> <span class="n">conn</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">tls</span><span class="o">.</span><span class="n">DialWithDialer</span><span class="p">(</span><span class="n">dialer</span><span class="p">,</span> <span class="s">"tcp"</span><span class="p">,</span> <span class="n">host</span><span class="o">+</span><span class="s">":443"</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">tls</span><span class="o">.</span><span class="n">Config</span><span class="p">{</span><span class="n">InsecureSkipVerify</span><span class="o">:</span> <span class="no">true</span><span class="p">})</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">status</span><span class="o">.</span><span class="n">Error</span> <span class="o">=</span> <span class="n">err</span><span class="o">.</span><span class="n">Error</span><span class="p">()</span> <span class="k">return</span> <span class="n">status</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">conn</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">cert</span> <span class="o">:=</span> <span class="n">conn</span><span class="o">.</span><span class="n">ConnectionState</span><span class="p">()</span><span class="o">.</span><span class="n">PeerCertificates</span><span class="p">[</span><span class="m">0</span><span class="p">]</span> <span class="n">status</span><span class="o">.</span><span class="n">ExpiresAt</span> <span class="o">=</span> <span class="n">cert</span><span class="o">.</span><span class="n">NotAfter</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span> <span class="o">=</span> <span class="kt">int</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Until</span><span class="p">(</span><span class="n">cert</span><span class="o">.</span><span class="n">NotAfter</span><span class="p">)</span><span class="o">.</span><span class="n">Hours</span><span class="p">()</span> <span class="o">/</span> <span class="m">24</span><span class="p">)</span> <span class="n">status</span><span class="o">.</span><span class="n">Issuer</span> <span class="o">=</span> <span class="n">cert</span><span class="o">.</span><span class="n">Issuer</span><span class="o">.</span><span class="n">CommonName</span> <span class="k">return</span> <span class="n">status</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">domains</span> <span class="o">:=</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span> <span class="s">"github.com"</span><span class="p">,</span> <span class="s">"google.com"</span><span class="p">,</span> <span class="s">"expired.badssl.com"</span><span class="p">,</span> <span class="s">"self-signed.badssl.com"</span><span class="p">,</span> <span class="s">"wrong.host.badssl.com"</span><span class="p">,</span> <span class="p">}</span> <span class="k">for</span> <span class="n">_</span><span class="p">,</span> <span class="n">domain</span> <span class="o">:=</span> <span class="k">range</span> <span class="n">domains</span> <span class="p">{</span> <span class="n">status</span> <span class="o">:=</span> <span class="n">checkCert</span><span class="p">(</span><span class="n">domain</span><span class="p">)</span> <span class="k">if</span> <span class="n">status</span><span class="o">.</span><span class="n">Error</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"ERR %s: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">domain</span><span class="p">,</span> <span class="n">status</span><span class="o">.</span><span class="n">Error</span><span class="p">)</span> <span class="k">continue</span> <span class="p">}</span> <span class="k">if</span> <span class="o">!</span><span class="n">status</span><span class="o">.</span><span class="n">IsValid</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"FAIL %s: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">domain</span><span class="p">,</span> <span class="n">status</span><span class="o">.</span><span class="n">ValidationError</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">" expires: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">status</span><span class="o">.</span><span class="n">ExpiresAt</span><span class="o">.</span><span class="n">Format</span><span class="p">(</span><span class="s">"2006-01-02"</span><span class="p">))</span> <span class="k">continue</span> <span class="p">}</span> <span class="k">switch</span> <span class="p">{</span> <span class="k">case</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span> <span class="o">&lt;</span> <span class="m">7</span><span class="o">:</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"CRIT %s: %d days left</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">domain</span><span class="p">,</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span><span class="p">)</span> <span class="k">case</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span> <span class="o">&lt;</span> <span class="m">30</span><span class="o">:</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"WARN %s: %d days left</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">domain</span><span class="p">,</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span><span class="p">)</span> <span class="k">default</span><span class="o">:</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"OK %s: %d days left</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">domain</span><span class="p">,</span> <span class="n">status</span><span class="o">.</span><span class="n">DaysLeft</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>OK github.com: 73 days left OK google.com: 40 days left FAIL expired.badssl.com: tls: failed to verify certificate: x509: certificate has expired or is not yet valid: "*.badssl.com" certificate is expired expires: 2015-04-12 FAIL self-signed.badssl.com: tls: failed to verify certificate: x509: certificate signed by unknown authority expires: 2028-01-20 FAIL wrong.host.badssl.com: tls: failed to verify certificate: x509: certificate is valid for *.badssl.com, badssl.com, not wrong.host.badssl.com expires: 2026-04-20 </code></pre> </div> <h2> "But I have auto-renewal" </h2> <p>Let's Encrypt auto-renewal fails silently. DNS changed, server migrated, disk full, rate limits hit, nginx didn't reload after renewal. You won't know until users see browser warnings.</p> <p>Always monitor even with auto-renewal.</p> <h2> Non-obvious gotchas </h2> <p><strong>Wildcard doesn't cover what you think</strong></p> <p><code>*.example.com</code> does NOT cover <code>example.com</code> (root) or <code>api.staging.example.com</code> (two levels deep). Monitor them separately.</p> <p><strong>Different certs behind load balancer</strong></p> <p>Three servers, each with its own certbot. One renewed, two didn't. 33% of users see errors. You can't reproduce it - you keep hitting the working server.</p> <p>Monitor from multiple locations or run checks repeatedly.</p> <p>This is how we monitor certificates at <a href="https://upsonar.io?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=ssl-monitor" rel="noopener noreferrer">upsonar.io</a> - but the code above works if you prefer to run your own.</p> <p>How do you monitor your certificates?</p> webdev tutorial devops programming Why .dev, .app, .page (and 40+ Other TLDs) Don't Respond to WHOIS Serg Petrov Tue, 06 Jan 2026 19:52:12 +0000 https://dev.to/p12se/why-dev-app-page-and-40-other-tlds-dont-respond-to-whois-53n8 https://dev.to/p12se/why-dev-app-page-and-40-other-tlds-dont-respond-to-whois-53n8 <p>I was building <a href="https://upsonar.io?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=whois" rel="noopener noreferrer">upsonar.io</a> - it monitors uptime, SSL certificates, and domain expiration. When I got to domain expiry alerts, I hit a wall.</p> <p>Checked <code>.com</code>, <code>.org</code>, <code>.net</code> - worked fine. Then I tried <code>google.dev</code>.</p> <p>Connection refused.</p> <h2> The Investigation </h2> <p>First thought: maybe Google blocks WHOIS queries for their domains? Let me check the WHOIS server for <code>.dev</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>whois <span class="nt">-h</span> whois.iana.org dev </code></pre> </div> <p>Output (trimmed):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>domain: DEV organisation: Charleston Road Registry Inc. ... whois: status: ACTIVE remarks: Registration information: https://www.registry.google </code></pre> </div> <p>See that empty <code>whois:</code> field? There's no WHOIS server for <code>.dev</code> at all.</p> <p>Turns out, Google owns 40+ TLDs and none of them have a WHOIS server:</p> <p><code>.app</code>, <code>.page</code>, <code>.new</code>, <code>.google</code>, <code>.youtube</code>, <code>.android</code>, <code>.chrome</code>, <code>.zip</code>, <code>.mov</code>, <code>.dad</code>, <code>.phd</code>, <code>.prof</code>, <code>.meme</code>, <code>.foo</code>, <code>.nexus</code>, <code>.rsvp</code>, <code>.fly</code>, <code>.ing</code>, <code>.boo</code>, <code>.channel</code>...</p> <p>You can check any TLD on <a href="https://www.iana.org/domains/root/db/dev.html" rel="noopener noreferrer">IANA's root database</a> - look for the "WHOIS Server" field.</p> <p>This isn't a bug. It's by design.</p> <h2> Why No WHOIS? </h2> <p>Google launched these TLDs after 2012, when ICANN started pushing a new protocol called RDAP (Registration Data Access Protocol).</p> <p>The main problem with WHOIS? No standard format. Every registrar returns different text, different field names, different date formats.</p> <p>RDAP fixes this:</p> <ul> <li> <strong>JSON responses</strong> - no more parsing random text formats, just <code>json.Unmarshal</code> </li> <li> <strong>Standard field names</strong> - expiration date is always <code>eventAction: "expiration"</code>, not "Expiry Date" vs "Registry Expiry Date" vs "paid-till"</li> <li> <strong>RESTful API</strong> - just a GET request, works with any HTTP client</li> </ul> <p>In January 2025, <a href="https://www.icann.org/en/announcements/details/icann-update-launching-rdap-sunsetting-whois-27-01-2025-en" rel="noopener noreferrer">ICANN officially sunset WHOIS</a> for gTLDs. RDAP is now the standard.</p> <h2> How to Check Domain Expiration with RDAP </h2> <p>If you want to monitor domain expiration or build a domain expiration lookup tool, RDAP is the way to go. Here's working Go code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"encoding/json"</span> <span class="s">"fmt"</span> <span class="s">"net/http"</span> <span class="s">"os"</span> <span class="s">"strings"</span> <span class="s">"time"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">domain</span> <span class="o">:=</span> <span class="s">"google.dev"</span> <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">Args</span><span class="p">)</span> <span class="o">&gt;</span> <span class="m">1</span> <span class="p">{</span> <span class="n">domain</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Args</span><span class="p">[</span><span class="m">1</span><span class="p">]</span> <span class="p">}</span> <span class="n">expiry</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">getExpiry</span><span class="p">(</span><span class="n">domain</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Error: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">days</span> <span class="o">:=</span> <span class="kt">int</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Until</span><span class="p">(</span><span class="n">expiry</span><span class="p">)</span><span class="o">.</span><span class="n">Hours</span><span class="p">()</span> <span class="o">/</span> <span class="m">24</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"%s expires %s (%d days)</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">domain</span><span class="p">,</span> <span class="n">expiry</span><span class="o">.</span><span class="n">Format</span><span class="p">(</span><span class="s">"2006-01-02"</span><span class="p">),</span> <span class="n">days</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">getExpiry</span><span class="p">(</span><span class="n">domain</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Time</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">tld</span> <span class="o">:=</span> <span class="n">domain</span><span class="p">[</span><span class="n">strings</span><span class="o">.</span><span class="n">LastIndex</span><span class="p">(</span><span class="n">domain</span><span class="p">,</span> <span class="s">"."</span><span class="p">)</span><span class="o">+</span><span class="m">1</span><span class="o">:</span><span class="p">]</span> <span class="c">// RDAP endpoints (from IANA bootstrap file)</span> <span class="n">endpoints</span> <span class="o">:=</span> <span class="k">map</span><span class="p">[</span><span class="kt">string</span><span class="p">]</span><span class="kt">string</span><span class="p">{</span> <span class="s">"com"</span><span class="o">:</span> <span class="s">"https://rdap.verisign.com/com/v1/domain/"</span><span class="p">,</span> <span class="s">"net"</span><span class="o">:</span> <span class="s">"https://rdap.verisign.com/net/v1/domain/"</span><span class="p">,</span> <span class="s">"org"</span><span class="o">:</span> <span class="s">"https://rdap.publicinterestregistry.org/rdap/domain/"</span><span class="p">,</span> <span class="s">"dev"</span><span class="o">:</span> <span class="s">"https://pubapi.registry.google/rdap/domain/"</span><span class="p">,</span> <span class="s">"app"</span><span class="o">:</span> <span class="s">"https://pubapi.registry.google/rdap/domain/"</span><span class="p">,</span> <span class="s">"io"</span><span class="o">:</span> <span class="s">"https://rdap.nic.io/domain/"</span><span class="p">,</span> <span class="p">}</span> <span class="n">endpoint</span><span class="p">,</span> <span class="n">ok</span> <span class="o">:=</span> <span class="n">endpoints</span><span class="p">[</span><span class="n">tld</span><span class="p">]</span> <span class="k">if</span> <span class="o">!</span><span class="n">ok</span> <span class="p">{</span> <span class="k">return</span> <span class="n">time</span><span class="o">.</span><span class="n">Time</span><span class="p">{},</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"unknown TLD: %s"</span><span class="p">,</span> <span class="n">tld</span><span class="p">)</span> <span class="p">}</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="n">endpoint</span> <span class="o">+</span> <span class="n">domain</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">time</span><span class="o">.</span><span class="n">Time</span><span class="p">{},</span> <span class="n">err</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="k">var</span> <span class="n">data</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Events</span> <span class="p">[]</span><span class="k">struct</span> <span class="p">{</span> <span class="n">Action</span> <span class="kt">string</span> <span class="s">`json:"eventAction"`</span> <span class="n">Date</span> <span class="kt">string</span> <span class="s">`json:"eventDate"`</span> <span class="p">}</span> <span class="s">`json:"events"`</span> <span class="p">}</span> <span class="n">json</span><span class="o">.</span><span class="n">NewDecoder</span><span class="p">(</span><span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span><span class="o">.</span><span class="n">Decode</span><span class="p">(</span><span class="o">&amp;</span><span class="n">data</span><span class="p">)</span> <span class="k">for</span> <span class="n">_</span><span class="p">,</span> <span class="n">e</span> <span class="o">:=</span> <span class="k">range</span> <span class="n">data</span><span class="o">.</span><span class="n">Events</span> <span class="p">{</span> <span class="k">if</span> <span class="n">e</span><span class="o">.</span><span class="n">Action</span> <span class="o">==</span> <span class="s">"expiration"</span> <span class="p">{</span> <span class="k">return</span> <span class="n">time</span><span class="o">.</span><span class="n">Parse</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">RFC3339</span><span class="p">,</span> <span class="n">e</span><span class="o">.</span><span class="n">Date</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="n">time</span><span class="o">.</span><span class="n">Time</span><span class="p">{},</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"no expiration date found"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>Run it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>go run main.go google.dev google.dev expires 2025-09-14 <span class="o">(</span>252 days<span class="o">)</span> <span class="nv">$ </span>go run main.go github.com github.com expires 2026-10-09 <span class="o">(</span>642 days<span class="o">)</span> </code></pre> </div> <p>Clean JSON, standard fields, no parsing nightmares.</p> <h2> RDAP Coverage </h2> <p>All gTLDs (.com, .org, .dev, etc.) support RDAP. Most ccTLDs (.uk, .de, .ru, etc.) still rely on WHOIS, but coverage is growing every year.</p> <p>The full list of RDAP endpoints is in <a href="https://data.iana.org/rdap/dns.json" rel="noopener noreferrer">IANA's bootstrap file</a> - this is where you get the correct endpoint for any TLD.</p> <h2> Key Takeaways </h2> <ol> <li>New TLDs (especially Google's) have no WHOIS server - RDAP only</li> <li>ICANN deprecated WHOIS in 2025 - RDAP is the future</li> <li>RDAP returns JSON - no more parsing 50 different date formats</li> </ol> <p>Don't want to deal with RDAP yourself? <a href="https://upsonar.io/tools/domain?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=whois" rel="noopener noreferrer">upsonar.io/docs/domain-expiry</a> - monitors domain expiration and alerts before they expire. Free tier available.</p> <p>This is part of the <strong>Building a Monitoring Tool in Go</strong> series. Follow for more.</p> <p>What TLDs are you monitoring? Hit any weird edge cases?</p> webdev beginners monitoring tutorial How We Measure HTTP Timing: DNS, TCP, TLS, TTFB Breakdown Serg Petrov Thu, 01 Jan 2026 16:55:54 +0000 https://dev.to/p12se/how-we-measure-http-timing-dns-tcp-tls-ttfb-breakdown-4oa2 https://dev.to/p12se/how-we-measure-http-timing-dns-tcp-tls-ttfb-breakdown-4oa2 <p>When you check a website's response time, "847ms" doesn't tell you much. Is it slow DNS? Network latency? The server itself? You need a breakdown.</p> <p>At <a href="https://upsonar.io?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=httptrace" rel="noopener noreferrer">upsonar.io</a> we show exactly where the time goes. Here's how we do it with Go's <code>net/http/httptrace</code> package.</p> <h2> The problem </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">start</span> <span class="o">:=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span> <span class="n">resp</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"https://example.com"</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">start</span><span class="p">))</span> <span class="c">// 847ms</span> </code></pre> </div> <p>847ms. But why? Could be anything.</p> <h2> The solution </h2> <p><code>httptrace</code> hooks into every phase of an HTTP request. You attach callbacks, and they fire as each phase completes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">trace</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">httptrace</span><span class="o">.</span><span class="n">ClientTrace</span><span class="p">{</span> <span class="n">DNSStart</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">_</span> <span class="n">httptrace</span><span class="o">.</span><span class="n">DNSStartInfo</span><span class="p">)</span> <span class="p">{</span> <span class="n">dnsStart</span> <span class="o">=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span> <span class="p">},</span> <span class="n">DNSDone</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">_</span> <span class="n">httptrace</span><span class="o">.</span><span class="n">DNSDoneInfo</span><span class="p">)</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"DNS: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">dnsStart</span><span class="p">))</span> <span class="p">},</span> <span class="c">// same pattern for TCP, TLS, etc.</span> <span class="p">}</span> <span class="n">req</span> <span class="o">=</span> <span class="n">req</span><span class="o">.</span><span class="n">WithContext</span><span class="p">(</span><span class="n">httptrace</span><span class="o">.</span><span class="n">WithClientTrace</span><span class="p">(</span><span class="n">req</span><span class="o">.</span><span class="n">Context</span><span class="p">(),</span> <span class="n">trace</span><span class="p">))</span> </code></pre> </div> <h2> What each metric means </h2> <p><strong>DNS Lookup</strong> - resolving domain to IP. Slow (100ms+) means DNS server issues or cold cache.</p> <p><strong>TCP Connect</strong> - the three-way handshake. Mostly about physical distance to the server.</p> <p><strong>TLS Handshake</strong> - negotiating encryption. Usually 50-150ms. Over 300ms means something's off - slow server or problematic certificate chain.</p> <p><strong>TTFB</strong> - time to first byte. Includes DNS + TCP + TLS + server processing. This is the standard metric for measuring response speed.</p> <p><strong>Transfer</strong> - downloading the response body.</p> <h2> Working example </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"crypto/tls"</span> <span class="s">"fmt"</span> <span class="s">"io"</span> <span class="s">"net/http"</span> <span class="s">"net/http/httptrace"</span> <span class="s">"os"</span> <span class="s">"time"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">url</span> <span class="o">:=</span> <span class="s">"https://httpbin.org/delay/2"</span> <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">Args</span><span class="p">)</span> <span class="o">&gt;</span> <span class="m">1</span> <span class="p">{</span> <span class="n">url</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Args</span><span class="p">[</span><span class="m">1</span><span class="p">]</span> <span class="p">}</span> <span class="k">var</span> <span class="n">dnsStart</span><span class="p">,</span> <span class="n">tcpStart</span><span class="p">,</span> <span class="n">tlsStart</span> <span class="n">time</span><span class="o">.</span><span class="n">Time</span> <span class="n">totalStart</span> <span class="o">:=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span> <span class="n">trace</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">httptrace</span><span class="o">.</span><span class="n">ClientTrace</span><span class="p">{</span> <span class="n">DNSStart</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">_</span> <span class="n">httptrace</span><span class="o">.</span><span class="n">DNSStartInfo</span><span class="p">)</span> <span class="p">{</span> <span class="n">dnsStart</span> <span class="o">=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span> <span class="p">},</span> <span class="n">DNSDone</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">_</span> <span class="n">httptrace</span><span class="o">.</span><span class="n">DNSDoneInfo</span><span class="p">)</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"DNS: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">dnsStart</span><span class="p">))</span> <span class="p">},</span> <span class="n">ConnectStart</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">_</span><span class="p">,</span> <span class="n">_</span> <span class="kt">string</span><span class="p">)</span> <span class="p">{</span> <span class="n">tcpStart</span> <span class="o">=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span> <span class="p">},</span> <span class="n">ConnectDone</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">_</span><span class="p">,</span> <span class="n">_</span> <span class="kt">string</span><span class="p">,</span> <span class="n">_</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"TCP: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">tcpStart</span><span class="p">))</span> <span class="p">},</span> <span class="n">TLSHandshakeStart</span><span class="o">:</span> <span class="k">func</span><span class="p">()</span> <span class="p">{</span> <span class="n">tlsStart</span> <span class="o">=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span> <span class="p">},</span> <span class="n">TLSHandshakeDone</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">_</span> <span class="n">tls</span><span class="o">.</span><span class="n">ConnectionState</span><span class="p">,</span> <span class="n">_</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"TLS: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">tlsStart</span><span class="p">))</span> <span class="p">},</span> <span class="n">GotFirstResponseByte</span><span class="o">:</span> <span class="k">func</span><span class="p">()</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"TTFB: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">totalStart</span><span class="p">))</span> <span class="p">},</span> <span class="p">}</span> <span class="n">req</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewRequest</span><span class="p">(</span><span class="s">"GET"</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="n">req</span> <span class="o">=</span> <span class="n">req</span><span class="o">.</span><span class="n">WithContext</span><span class="p">(</span><span class="n">httptrace</span><span class="o">.</span><span class="n">WithClientTrace</span><span class="p">(</span><span class="n">req</span><span class="o">.</span><span class="n">Context</span><span class="p">(),</span> <span class="n">trace</span><span class="p">))</span> <span class="n">client</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">http</span><span class="o">.</span><span class="n">Client</span><span class="p">{</span><span class="n">Transport</span><span class="o">:</span> <span class="o">&amp;</span><span class="n">http</span><span class="o">.</span><span class="n">Transport</span><span class="p">{</span><span class="n">DisableKeepAlives</span><span class="o">:</span> <span class="no">true</span><span class="p">}}</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">client</span><span class="o">.</span><span class="n">Do</span><span class="p">(</span><span class="n">req</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="s">"Error:"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">transferStart</span> <span class="o">:=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span> <span class="n">io</span><span class="o">.</span><span class="n">ReadAll</span><span class="p">(</span><span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Transfer: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">transferStart</span><span class="p">))</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Total: %v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">Since</span><span class="p">(</span><span class="n">totalStart</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>go run main.go https://httpbin.org/delay/2 </code></pre> </div> <p>Output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>DNS: 148.00525ms TCP: 142.56925ms TLS: 289.685ms TTFB: 2.956339583s Transfer: 72.208µs Total: 2.95670575s </code></pre> </div> <p>TTFB is everything until the first byte arrives. Transfer is downloading the body - here it's tiny. Total = TTFB + Transfer.</p> <p>With a larger response, Transfer becomes significant:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>go run main.go https://proof.ovh.net/files/10Mb.dat </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>DNS: 3.621333ms TCP: 54.364208ms TLS: 116.879041ms TTFB: 286.073291ms Transfer: 14.221007833s Total: 14.507351083s </code></pre> </div> <p>Same TTFB formula, but now Transfer dominates - 14 seconds to download 10MB.</p> <h2> Watch out for connection reuse </h2> <p>Go's <code>http.Client</code> reuses connections by default. Second request to the same host - DNS, TCP, TLS all show 0ms.</p> <p>For accurate measurements, disable keep-alives:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">client</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">http</span><span class="o">.</span><span class="n">Client</span><span class="p">{</span> <span class="n">Transport</span><span class="o">:</span> <span class="o">&amp;</span><span class="n">http</span><span class="o">.</span><span class="n">Transport</span><span class="p">{</span> <span class="n">DisableKeepAlives</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="p">},</span> <span class="p">}</span> </code></pre> </div> <h2> What slow numbers tell you </h2> <ul> <li> <strong>DNS &gt; 100ms</strong> → Try a faster DNS provider (Cloudflare, Google)</li> <li> <strong>TCP &gt; 100ms</strong> → Server is far from users, consider a CDN</li> <li> <strong>TLS &gt; 200ms</strong> → Check certificate chain, enable session resumption</li> <li> <strong>TTFB &gt; 500ms</strong> → Backend problem: slow database, cold starts, heavy processing</li> <li> <strong>Transfer high</strong> → Large response, enable gzip/brotli compression</li> </ul> <h2> The 200ms rule </h2> <p>Users notice delays over 200ms. If your TTFB alone exceeds that, the page will feel slow - no matter how optimized your frontend is.</p> <p>Try it on your site: <a href="https://upsonar.io/tools/diagnose?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=httptrace" rel="noopener noreferrer">upsonar.io/tools/diagnose</a> - free, no signup.</p> <p><em>What tools do you use for debugging slow requests?</em></p> webdev programming monitoring network When 200 OK Doesn't Mean Everything Is OK Serg Petrov Sat, 27 Dec 2025 13:12:54 +0000 https://dev.to/p12se/when-200-ok-doesnt-mean-everything-is-ok-4g4o https://dev.to/p12se/when-200-ok-doesnt-mean-everything-is-ok-4g4o <h1> Why Your Uptime Monitor Lies to You (And What I Built Instead) </h1> <p>Last year my site went down. Well, not really "down" — the server was fine. But users saw a broken page because Cloudflare had issues and my CSS wasn't loading.</p> <p>My uptime monitor? Green checkmarks everywhere. 100% uptime. Great job.</p> <p>That's when I realized: traditional monitoring is broken.</p> <h2> The lie of "200 OK" </h2> <p>Every uptime tool does the same thing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>GET https://your-site.com → 200 OK → "All good!" </code></pre> </div> <p>But your site isn't just your server. It's:</p> <ul> <li>Fonts from Google</li> <li>JS bundles from your CDN</li> <li>Payment forms from Stripe</li> <li>Images from S3</li> <li>Chat widgets, analytics, whatever else</li> </ul> <p>If any of these break, users see a broken page. Your server is fine. Your monitoring is green. Your users are angry.</p> <p>Remember when <a href="https://aws.amazon.com/message/41926/" rel="noopener noreferrer">AWS S3 went down</a> and half the internet broke? Or those Cloudflare incidents that took out millions of sites? Your server was probably fine during all of that. Your uptime monitor probably said everything was OK.</p> <h2> So I built something different </h2> <p>I made <a href="https://upsonar.io?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=intro" rel="noopener noreferrer">upsonar.io</a>. It checks your site like a real browser would:</p> <ol> <li>Load the page</li> <li>Find all external resources (scripts, styles, images, fonts)</li> <li>Check each one</li> <li>Tell you what's actually broken</li> </ol> <p>Here's what a real check looks like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>example.com: 200 OK ✓ ├── fonts.googleapis.com → 200 ✓ ├── cdn.example.com/app.js → 200 ✓ ├── js.stripe.com/v3 → 200 ✓ ├── s3.amazonaws.com/images/hero.webp → 503 ✗ └── widget.intercom.io → timeout ✗ Result: 3/5 dependencies working </code></pre> </div> <p>Now you know the real picture.</p> <h2> How it works </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌──────────────┐ ┌──────────────┐ ┌─────────────┐ │ Frontend │ ───▶ │ Go API │ ───▶ │ Redis │ │ React/Vite │ │ Echo │ │ Cache │ └──────────────┘ └──────┬───────┘ └─────────────┘ │ ┌─────────────────┼─────────────────┐ ▼ ▼ ▼ ┌────────────┐ ┌────────────┐ ┌────────────┐ │ Sydney │ │ Amsterdam │ │ New York │ │ (DO Func) │ │ (DO Func) │ │ (DO Func) │ └─────┬──────┘ └─────┬──────┘ └─────┬──────┘ │ │ │ └─────────────────┼─────────────────┘ ▼ ┌──────────────┐ │ Your Website │ └──────────────┘ </code></pre> </div> <p>The idea: checks run from where your users actually are. Not from one datacenter.</p> <p>9 regions right now: Sydney, Singapore, Amsterdam, Frankfurt, London, New York, San Francisco, Toronto, Bangalore. Each one is a serverless function on DigitalOcean — no servers to manage, scales automatically.</p> <p><strong>What happens on each check:</strong></p> <ol> <li>Scheduler triggers (every 1-5 minutes depending on your plan)</li> <li>API fans out requests to all selected regions in parallel</li> <li>Each function does its thing: <ul> <li>HTTP request with detailed timing</li> <li>Parse HTML, find all external resources</li> <li>Check each resource (limited concurrency so we don't hammer the target)</li> </ul> </li> <li>Results come back, get cached in Redis</li> <li>If status changed from last check → notification goes out</li> </ol> <p>The serverless part is nice. Cold starts add maybe 200-300ms, but for monitoring that's fine. And I don't have to babysit servers in 9 datacenters.</p> <h2> Tech stuff (for the curious) </h2> <p>Backend is Go with Echo. Why Go? The <code>net/http/httptrace</code> package is amazing for measuring exactly where time goes in a request. Plus goroutines make it easy to check 50 resources in parallel without the code turning into callback soup.</p> <p>Frontend is React + Vite. Database is just SQLite — simple, no separate service to manage, works fine for this scale.</p> <p>The interesting bits:</p> <ul> <li>HTML parsing to extract resources (handling srcset, lazy loading, relative URLs)</li> <li>Semaphore pattern for concurrent resource checks (don't want to DDoS the target)</li> <li>TLS probing to check which protocols and ciphers a server supports</li> </ul> <p>I'll write about each of these separately.</p> <h2> Try it </h2> <p>Free tools, no signup:</p> <ul> <li> <a href="https://upsonar.io/tools/availability?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=intro" rel="noopener noreferrer">Check availability</a> from 9 regions</li> <li> <a href="https://upsonar.io/tools/ssl?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=intro" rel="noopener noreferrer">Check SSL certificate</a> — expiry, chain, TLS config</li> <li> <a href="https://upsonar.io/tools/domain?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=intro" rel="noopener noreferrer">Check domain expiry</a> — WHOIS lookup</li> <li> <a href="https://upsonar.io/tools/diagnose?utm_source=devto&amp;utm_medium=article&amp;utm_campaign=intro" rel="noopener noreferrer">Full health check</a> — timing breakdown, security headers, dependencies</li> </ul> <p>For continuous monitoring there's a free tier — 3 sites, checks every 5 minutes.</p> <h2> What's next </h2> <p>Planning to write about:</p> <ul> <li>Measuring HTTP phases with Go's httptrace</li> <li>Parsing HTML for resource URLs (it's trickier than you'd think)</li> <li>Testing TLS versions programmatically</li> <li>Concurrent HTTP requests without killing the target</li> </ul> <p>Follow if you're interested.</p> <p>What do you use for monitoring? Curious if others have hit similar issues with "false positives" from traditional uptime tools.</p> webdev programming monitoring startup