Telegram data
Telegram user IDs, chat IDs, group chat IDs, usernames, display names, message commands, and callback button actions may be stored so the bot can identify which chat owns a server and where alerts should be sent.
Privacy policy
Privacy Policy
Online Server Monitor is designed to monitor Linux servers from Telegram, Chrome or Firefox without collecting SSH passwords, root passwords, private keys, or hosting panel credentials.
Last updated: May 20, 2026
Plain-language summary
Online Server Monitor connects your Linux server to Telegram and browser interfaces through a local agent installed on your server. The service receives metrics and service states from that agent, sends alerts, and can queue a small set of maintenance actions that the local agent executes only after authentication.
The backend does not log in to your server over SSH. You do not give the bot your SSH password, root password, server control panel password, database password, or private SSH key.
What we never collect
- We do not request or store SSH passwords.
- We do not request or store root passwords.
- We do not request or store private SSH keys.
- We do not request or store hosting panel, database, email, FTP, or cloud provider passwords.
- We do not copy website files, databases, private application code, emails, or arbitrary server files.
- We do not sell monitoring data or use it for advertising profiles.
Data we process
The service processes only the information needed to pair a server, show its status, send Telegram alerts, tune thresholds, and run allowed maintenance actions.
Server agent data
The local agent can send hostname, operating system, kernel, uptime, CPU usage, RAM usage, disk usage, inode usage, load average, discovered web domains, SSL certificate expiry data, IP-related connection metadata, and detected systemd service states.
Security data
The service stores one-time pairing code hashes, agent IDs, hashed agent secrets, command IDs, command status, timestamps, and audit records needed to authenticate the agent and prevent unauthorized commands.
Operational logs
Application logs may include event status, command results, Telegram API delivery status, non-sensitive errors, and timestamps needed for troubleshooting and reliability.
Pairing and local agent security
When you send /add_server in Telegram, the bot creates a short-lived one-time pairing code and shows an install command. The code is used only to connect the server to the Telegram chat that requested it. Pairing codes expire quickly and are stored as hashes, not as plain reusable secrets.
After pairing, the installed agent receives its own secret. That secret is stored locally on the monitored server and as a hash on the backend. The agent calls the backend over HTTPS; the backend does not open an SSH session to the server.
Maintenance actions
Telegram buttons can request allowed actions such as restarting detected services, cleaning old journal logs, running logrotate, changing alert thresholds, or rebooting the server after explicit confirmation. Commands are signed, short-lived, audited, and limited to the action types supported by the agent.
The bot is not a remote shell. It does not accept arbitrary shell commands from Telegram users, and it does not expose raw server terminal access.
Code transparency
The service is designed so server owners can understand the pairing flow, local agent authentication, metrics collection, and allowlisted maintenance commands.
A public repository URL is not required to use this deployment and no repository link is published on this privacy page.
Retention and deletion
Monitoring records are kept while the server remains connected. Operational logs and audit records may be kept for service reliability, abuse prevention, troubleshooting, and security review.
A server can be removed from the service storage by deleting its server record. After removal, future alerts and commands for that server stop. Local agent files remain on the server until the server owner uninstalls the agent.
Third parties
The service uses the Telegram Bot API to send and receive bot messages. Telegram processes messages according to Telegram policies. The current concept does not require an external monitoring API, advertising network, or third-party analytics platform.
Contact and changes
For privacy, removal, or security questions, contact the site owner responsible for this deployment. This policy may be updated when the service adds new features or changes how data is processed.