Description
Tired of heavy, bloated SaaS management tools? Updawa is a lightweight, headless monitoring plugin built for developers, sysadmins, and agencies.
Instead of forcing you into a proprietary third-party dashboard, Updawa turns your WordPress site into a secure data node. It gives you a clean admin dashboard to check site health instantly, while exposing a secure REST API endpoint that you can poll from any external monitoring tool, custom script, or mobile app.
Whether you manage one site or a hundred, Updawa is the perfect API-first alternative to heavy management plugins.
Why Choose Updawa?
- Headless & Flexible: Build your own dashboard using Grafana, custom Node/Python scripts, or your agency’s proprietary software.
- 100% Private (No SaaS Lock-in): Zero external dependencies. Your data never leaves your server. No pings to third-party tracking services.
- Ultra-Lightweight: Only runs when queried. No background bloat, database clutter, or heavy admin scripts.
Key Features
- Secure REST API Endpoint: Fetch a full JSON snapshot of your site’s status via
GET /wp-json/updawa/v1/status. - Bearer Token Security: The API is protected by a 256-bit cryptographically random token that you can regenerate or revoke at any time.
- SSL Certificate Monitoring: Automatically checks your site’s HTTPS endpoint and reports the exact expiry date and days remaining.
- Beautiful Local Dashboard: View pending update counts (Core, Plugins, Themes) and SSL status with intuitive colour-coded badges.
- QR Code Integration: Easily import your API credentials into mobile monitoring apps via the bundled (zero-dependency) QR generator.
- Android App: Monitor all your Updawa-enabled sites from your pocket, with push notifications for expiring SSLs and pending updates. Download on Google Play.
- JSON View: See your site’s full API payload directly in the backend with a one-click Copy button.
- Zero External Dependencies: The QR code library is fully bundled and runs locally in your browser. No data is sent to external servers.
REST API
The endpoint is read-only and dead simple to use. Just pass your Bearer token:
curl -H "Authorization: Bearer YOUR_TOKEN" https://example.com/wp-json/updawa/v1/status
Example JSON response:
{
"generated_at": "2026-04-14T09:10:41+00:00",
"wordpress": {
"current_version": "6.9.4",
"update_available": false,
"new_version": null,
"package_url": null
},
"plugins": [ ... ],
"themes": [ ... ],
"ssl_expires_at": "2026-07-05T01:48:00+00:00"
}
Screenshots
The Updawa Dashboard: A modern, at-a-glance overview of WordPress core, SSL certificate, plugins, and themes with colour-coded stat cards. 
API & Token Management: Manage your Bearer token, copy the curlcommand, or scan the QR code for instant mobile access.
JSON View: See your site’s full API payload directly in the backend with a one-click Copy button.
Installation
- Upload the
updawafolder to the/wp-content/plugins/directory, or install it directly via the WordPress Plugin Directory. - Activate the plugin through the Plugins menu in WordPress.
- Navigate to Updawa in your WordPress admin sidebar.
- Open the Token API tab to copy your API token or scan the QR code to connect your external monitoring tools.
FAQ
-
Can I use the REST API from a remote monitoring system?
-
Yes! That is exactly what Updawa was built for. Simply copy the Bearer token from the Token API tab and include it as the
Authorization: Bearer {TOKEN}header in your HTTP requests. -
Does the plugin monitor SSL certificates?
-
Yes. If your site runs on HTTPS, Updawa securely connects to your domain on port 443 to read the certificate expiry date. The dashboard shows a warning badge when fewer than 30 days remain.
-
Does Updawa send my data to external servers?
-
No. Zero data is sent to external servers. Updawa uses WordPress’s native built-in functions for update checks. The QR code library is fully bundled and runs locally in your browser.
-
How is the API token stored and secured?
-
The token is safely stored as a WordPress option (
updawa_token) in your database. It is never transmitted to us or logged by the plugin. If compromised, you can instantly invalidate it by clicking Regenerate token. -
What happens to my data when I delete the plugin?
-
The plugin’s uninstall routine removes the
updawa_tokenoption from the database when the plugin is deleted through the WordPress admin. -
Is there a mobile app?
-
Yes, the Updawa Android app is available on Google Play. It lets you monitor update and SSL status across multiple WordPress sites from your phone, with push notifications when updates are available or certificates are about to expire. Scan the QR code in the Token API tab to import your site instantly.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Updawa – WordPress Update & SSL Monitoring API” is open source software. The following people have contributed to this plugin.
Contributors
“Updawa – WordPress Update & SSL Monitoring API” has been translated into 1 locale. Thank you to the translators for their contributions.
Translate “Updawa – WordPress Update & SSL Monitoring API” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.7
- Minor editorial improvements.
1.0.6
- Added information about the Updawa Android app, now available on Google Play.
1.0.5
- Fixed false positive update notifications for plugins and themes.
1.0.4
- Fixed empty “More Info” modal in the WordPress plugin directory.
1.0.3
- New modern admin UI with stat cards, colour-coded badges, and card-based layout.
- SSL certificate monitoring added to the Status tab.
- Copy button added to the Example API Call card.
1.0.2
- Plugin renamed to Updawa.
1.0.1
- Fixed regulatory compliance issues.
1.0.0
- Initial release.