diff --git a/.gitea/workflows/deploy-manual.yml b/.gitea/workflows/deploy-manual.yml index bb133ed..132f488 100644 --- a/.gitea/workflows/deploy-manual.yml +++ b/.gitea/workflows/deploy-manual.yml @@ -110,6 +110,19 @@ jobs: rm -f /tmp/deploy_key /tmp/sftp-config.json + + - name: Post-deploy health check + if: success() && steps.check.outputs.skip != 'true' + run: | + if [ -f "deploy/health-check.php" ]; then + SITE_URL="${{ vars.DEV_SITE_URL }}" + if [ -n "$SITE_URL" ]; then + php deploy/health-check.php --url "$SITE_URL" --checks http --timeout 30 || echo "::warning::Health check failed after deploy" + else + echo "DEV_SITE_URL not configured, skipping health check" + fi + fi + - name: Summary if: always() run: | diff --git a/.gitea/workflows/repo-health.yml b/.gitea/workflows/repo-health.yml index 869267e..d5a7fe3 100644 --- a/.gitea/workflows/repo-health.yml +++ b/.gitea/workflows/repo-health.yml @@ -764,3 +764,41 @@ jobs: fi printf '%s\n' 'Repository health guardrails passed.' >> "${GITHUB_STEP_SUMMARY}" + + + site-health: + name: Site Health + runs-on: ubuntu-latest + if: github.event_name == 'workflow_dispatch' + steps: + - uses: actions/checkout@v4 + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '8.3' + + - name: Uptime check + if: env.URLS != '' + run: | + echo "$URLS" > /tmp/urls.txt + php monitoring/uptime-probe.php --urls /tmp/urls.txt --timeout 15 || echo "::warning::Some sites are down" + rm -f /tmp/urls.txt + env: + URLS: ${{ vars.MONITORED_URLS }} + + - name: SSL certificate check + if: env.DOMAINS != '' + run: | + echo "$DOMAINS" > /tmp/domains.txt + php monitoring/ssl-check.php --domains /tmp/domains.txt --warn-days 30 || echo "::warning::SSL certificates expiring soon" + rm -f /tmp/domains.txt + env: + DOMAINS: ${{ vars.MONITORED_DOMAINS }} + + - name: Summary + if: always() + run: | + echo "### Site Health" >> $GITHUB_STEP_SUMMARY + echo "Uptime and SSL checks completed." >> $GITHUB_STEP_SUMMARY + 
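Review bot: In the `Post-deploy health check` step of deploy-manual.yml, `SITE_URL="${{ vars.DEV_SITE_URL }}"` has the expression substituted into the script text before the shell parses it, so a value containing a double quote or `$(...)` would run as shell instead of being treated as data. Repository variables are normally admin-controlled, so this is hardening rather than an open hole, but the other steps added in this commit already pass their variables through `env:`. Doing the same here, with `env:` and `SITE_URL: ${{ vars.DEV_SITE_URL }}` on the step and the assignment line dropped, keeps the value out of the script source. Separately, `|| echo "::warning::Health check failed after deploy"` means a failed check never fails the job, and a missing `deploy/health-check.php` is skipped without any message. If that is intended, a comment such as `# advisory only: a failed health check must not fail the deploy` would record it.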
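Review bot: The `Uptime check` and `SSL certificate check` steps added to repo-health.yml write to fixed names under `/tmp` (`/tmp/urls.txt`, `/tmp/domains.txt`), and the `Joomla version audit` step in security-audit.yml does the same with `/tmp/sites.json`. On a runner whose `/tmp` is shared between jobs or users (a host-mode self-hosted runner, for example), a predictable path can be pre-created or symlinked by another process, and concurrent runs overwrite each other's input. Creating the file with `URL_FILE="$(mktemp)"`, writing it with `printf '%s\n' "$URLS" > "$URL_FILE"`, and passing and removing `"$URL_FILE"` avoids both problems. The new `site-health` job also references `actions/checkout@v4` and `shivammathur/setup-php@v2` by mutable tag. Pinning each to a full commit SHA would keep a retagged release from changing what runs here.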
diff --git a/.gitea/workflows/security-audit.yml b/.gitea/workflows/security-audit.yml
index 789325a..f316b90 100644
--- a/.gitea/workflows/security-audit.yml
+++ b/.gitea/workflows/security-audit.yml
@@ -80,3 +80,19 @@ jobs:
 -H "Priority: high" \
 -d "Security audit found vulnerabilities. Review dependency updates." \
 "${NTFY_URL}/${NTFY_TOPIC}" || true
+
+
+ - name: Joomla version audit
+ if: always()
+ run: |
+ if [ -f "monitoring/joomla-version-audit.php" ] && [ -n "$JOOMLA_SITES" ]; then
+ echo "$JOOMLA_SITES" > /tmp/sites.json
+ php monitoring/joomla-version-audit.php --sites /tmp/sites.json || true
+ echo "### Joomla Version Audit" >> $GITHUB_STEP_SUMMARY
+ rm -f /tmp/sites.json
+ else
+ echo "Joomla audit skipped (no script or JOOMLA_SITES_JSON not configured)"
+ fi
+ env:
+ JOOMLA_SITES: ${{ vars.JOOMLA_SITES_JSON }}
+
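Review bot: `php monitoring/joomla-version-audit.php --sites /tmp/sites.json || true` discards the audit's exit status, so the `Joomla version audit` step stays green whatever the script reports. The step summary also receives only the `### Joomla Version Audit` heading, with none of the script's output. If the script signals outdated sites through its exit code (not visible in this hunk), nothing downstream sees it, including the ntfy notification in the context lines above. One option is to surface the failure as an annotation, e.g. `|| echo "::warning::Joomla version audit reported issues"`, which matches the health-check steps added elsewhere in this commit. The other is to append the script's output to `"$GITHUB_STEP_SUMMARY"` so the result is recorded with the run.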