TYPO3 Site Management runs multiple client websites from one installation.
Each site uses a separate domain with independent SSL — and staging instances add more certificate schedules outside production.
TYPO3 agencies manage multiple client websites from one TYPO3 installation via Site Management — each site on a separate domain with independent SSL. Staging and preview instances carry SSL independent from the production site and receive less monitoring attention. Headless TYPO3 deployments split the backend API domain from the frontend, creating certificate schedules that expire separately. Merlonix monitors SSL and DNS so you see expiry before clients do.
No credit card for the trial. Cancel any time.
- Check cadence (Agency)
- 5 min
- SSL pre-expiry alert
- 30 days
- Independent DNS resolvers
- 3
- Vendors watched
- 11
Where TYPO3 agencies get caught out
Three failure modes specific to TYPO3 client deployments — multi-site configurations, staging environments, and headless backends.
TYPO3 agencies managing enterprise multi-site installations deal with per-domain SSL that expires independently across each site, staging and preview instance SSL that fails during client review cycles, and headless TYPO3 backend API SSL that expires silently — showing as missing content rather than an SSL warning.
TYPO3 Site Management runs multiple client websites from one installation — each site domain has independent SSL that expires on a different schedule
TYPO3's Site Management module allows agencies to configure multiple websites within one TYPO3 installation, each mapped to a separate domain. Enterprise clients running TYPO3 for multiple brands, regional markets, or business divisions use separate domains per site — each with its own SSL certificate provisioned and managed independently
A TYPO3 agency managing an enterprise client with a corporate site (clientgroup.com), a product brand site (clientproduct.com), and regional variants (clientgroup.de, clientgroup.fr) configures all four as separate TYPO3 sites within one installation. Each domain has its own SSL certificate. The corporate site receives the most monitoring attention because it is the client's primary public presence. Regional sites and product brand sites receive less attention because they are updated less frequently. When the French regional site SSL expires, French-market visitors encounter SSL warnings when navigating to the site. The agency investigation requires identifying which certificate authority, which renewal mechanism (Certbot, cPanel AutoSSL, or server-managed SSL), and which server or CDN configuration manages the SSL for that specific regional domain — not always documented when the TYPO3 installation was first configured.
TYPO3 staging and preview instances carry SSL independent from the production site — and client review cycles create SSL failure moments at the worst time
TYPO3 agencies maintain staging environments for every client project — staging.clientsite.com, preview.clientsite.com, or review.clientsite.com — where content editors and clients review page layouts, test new features, and approve changes before publishing to production. Each staging domain has SSL independent from the production site
TYPO3 staging environments are used at the most time-sensitive moments in a project: when a client is reviewing content for an upcoming campaign launch, when an integration test is running before a production deployment, or when a content editor is showing pages to a client stakeholder. When staging SSL expires during a client review session, the browser SSL warning appears in the middle of a presentation. Clients interpret the warning as a security problem with the agency's systems — not a routine certificate maintenance issue. The staging environment SSL is often provisioned independently from the production SSL: a separate Certbot cron on the staging server, a separate cPanel AutoSSL configuration, or a separate subdomain certificate on the production server's hosting plan. Renewal failures on staging go unnoticed until a review session is interrupted by an SSL error.
Headless TYPO3 deployments split the backend API domain from the frontend — the backend SSL expires independently and surfaces as missing content on the frontend
Agencies building headless TYPO3 deployments run the TYPO3 backend as an API server on a separate subdomain — api.clientsite.com or cms.clientsite.com — while the frontend is deployed on Vercel, Netlify, or a custom server on the primary domain. The backend API SSL expires independently from the frontend SSL
In a headless TYPO3 setup, the frontend JavaScript application fetches all content from the TYPO3 backend via the TYPO3 Content API or a headless extension API. The frontend domain (clientsite.com) has SSL provisioned through Vercel, Netlify, or Cloudflare — typically managed automatically by the frontend hosting platform. The TYPO3 backend API domain (api.clientsite.com or cms.clientsite.com) has SSL provisioned separately — through the backend hosting environment, a VPS Certbot setup, or a server-managed certificate. When the backend API SSL expires, the frontend continues to load with a valid SSL certificate and the browser shows no warning. But all API requests from the frontend to the TYPO3 backend fail. The website renders the application shell but all content — articles, products, navigation, page metadata — is missing. Clients and visitors see a blank or partially rendered site. The agency receives a report that "the site is empty" or "content is not showing," not an SSL error.
How it works
SSL and DNS monitoring for TYPO3 multi-site installations, staging environments, and headless deployments.
Merlonix monitors CNAME integrity and SSL health across every TYPO3 site domain — including staging and preview instances and headless backend API subdomains — so SSL failures do not surface during client review sessions or as missing content on the frontend.
01
Add production site domains, staging and preview instances, and headless API subdomains
Verify ownership with a DNS TXT record on the apex domain. All subdomains under that apex — TYPO3 site domains on the same apex, staging.clientsite.com, preview.clientsite.com, and api.clientsite.com — are added without additional verification. Monitoring staging and preview domains catches SSL expiry before client review sessions are interrupted. Monitoring the headless TYPO3 API domain catches backend SSL expiry before it surfaces as missing content on the frontend. Under two minutes per client.
02
CNAME integrity checks on TYPO3 site domains, CDN-routed domains, and hosting configurations
Three independent DNS resolvers check every CNAME delegation on every monitoring interval. When a client changes DNS provider and the new DNS zone is missing or modifying a CNAME that the certificate authority depends on for renewal validation, the mismatch is detected immediately — before the certificate expires. When a TYPO3 site is migrated from one server to another and a DNS record is not updated correctly, the break surfaces in the next monitoring interval rather than when the old certificate expires.
03
SSL monitoring 30 days before expiry across all TYPO3 site domains, staging environments, and API subdomains
Full SSL chain validation on every TYPO3 production site domain, staging and preview subdomain, and headless backend API subdomain. An expiry alert fires 30 days before the certificate expires — enough lead time to renew a server-managed certificate, verify Certbot cron on a VPS, or re-provision CDN SSL for a regional site domain before the next client review session hits an SSL error. All environments are monitored on the same 30-day lead time regardless of traffic volume.
04
Vendor status for TYPO3 hosting environments including Hetzner, IONOS, and European server providers
Merlonix monitors TYPO3 hosting platform status alongside client SSL and DNS. TYPO3 agencies in the DACH market frequently deploy on Hetzner, IONOS, Strato, and other European server providers. When a hosting provider incident causes SSL renewal failures or certificate validation issues across multiple client sites simultaneously, you see the vendor event — not a cascade of individual client alerts requiring separate investigation per site.
What the numbers mean for TYPO3 agencies
Monitoring built for TYPO3 agencies where one client installation means multiple site domains, staging instances, and headless API backends — all with independent SSL.
TYPO3 agencies managing enterprise multi-site installations need SSL monitoring that covers every site domain and staging environment — because staging SSL expiry interrupts client reviews at the worst moments, and headless API backend SSL expiry surfaces as missing content rather than a browser SSL warning.
< 10 min
Time from DNS change to alert — catches CNAME changes that block SSL renewal on TYPO3 site domains and headless API subdomains before certificates expire
30 days
SSL expiry warning lead time — enough time to renew a VPS certificate, re-provision CDN SSL for a regional site, or fix a staging environment Certbot cron before a client review session hits an SSL error
11 vendors
Upstream services monitored — European hosting providers included to distinguish platform incidents from individual TYPO3 site DNS changes causing SSL renewal failures
200 assets
Maximum monitored domains on the Agency plan — covers production site domains, staging and preview instances, and headless API subdomains across a full TYPO3 enterprise client roster
Pricing
Flat monthly fee. Every TYPO3 site domain, staging instance, and API subdomain included.
No per-domain charges. No per-site fees. Pick the tier that fits your TYPO3 client count and monitor every environment without billing surprises.
Starter
For individual TYPO3 developers managing a small client portfolio on a shared server or VPS.
$29/ month
- 10 monitored assets
- 1 seat
- 15-min check cadence
- SSL + DNS + vendor monitoring
- Email + Slack alerts
Team
For TYPO3 agencies managing multi-site installations, staging environments, and headless deployments.
$79/ month
- 50 monitored assets
- 5 seats
- 10-min check cadence
- SSL + DNS + vendor monitoring
- Email + Slack alerts
Agency
For agencies with a full TYPO3 enterprise client roster across multiple server environments.
$199/ month
- 200 monitored assets
- 15 seats
- 5-min check cadence
- SSL + DNS + vendor monitoring
- Email + Slack alerts
Know when a TYPO3 site domain, staging environment, or headless API backend SSL is about to expire.
Add your first TYPO3 client domain in under two minutes. Staging and preview instances, regional site domains, and headless backend API subdomains are monitored from the same dashboard. 14-day trial, no card required.