1

Heartbeat-HQ-Integration

Jonathan Miller edited this page 2026-06-22 13:47:46 +00:00

Table of Contents

• Heartbeat & HQ Integration
• How It Works
• Configuration
• Payload
• RSA Signing
• Support PIN
• Troubleshooting

Heartbeat & HQ Integration

MokoSuite sends RSA-signed heartbeat payloads to MokoSuiteHQ for centralized monitoring.

How It Works

1. On install/update: postflight sends a heartbeat immediately
2. On admin login: runtime heartbeat fires when the package version changes
3. Manual: "Send Heartbeat" button on the dashboard

Configuration

Setting	Location	Description
HQ Base URL	Core Plugin > Heartbeat Monitor	URL of the MokoSuiteHQ instance
Enable Heartbeat	Core Plugin > Heartbeat Monitor	Toggle heartbeat on/off
Signing Key	Core Plugin > Heartbeat Monitor (hidden)	RSA private key for signing

Payload

{
  "token": "health_api_token",
  "domain": "clientsite.com",
  "dev_domain": "dev.clientsite.com",
  "site_name": "Client Site",
  "site_url": "https://clientsite.com",
  "joomla_version": "5.2.1",
  "php_version": "8.3.12",
  "mokosuiteclient_version": "02.47.00",
  "timestamp": 1750000000,
  "client_info": { "company": "...", "email": "..." },
  "health": { "status": "ok", "checks": { ... } }
}

RSA Signing

• Headers: X-MokoSuite-Signature, X-MokoSuite-Timestamp
• Message: domain|timestamp|token
• Algorithm: SHA-256

Support PIN

A daily-rotating PIN derived from HMAC-SHA256(health_api_token, YYYY-MM-DD). Format: MOKO-XXXX-XXXX. Both client and HQ compute the same PIN independently.

Troubleshooting

• Check Joomla logs for "mokosuiteclient" category
• Verify monitor_base_url in core plugin params
• Ensure the RSA key pair matches between client and HQ

Pages

• Heartbeat-HQ-Integration
• Heartbeat-Protocol
• Home
• Mirror-Domains-Staging
• Privacy-Guard
• Security-Firewall
• guides
  • Configuration
  • Installation
• reference
  • API Endpoints
  • Grafana Integration
  • Health Monitoring
  • Plugin Protection
  • health endpoint