// docs / quotas & limits

Kwoti u limiti

Kull valur ta' quota u rate-limit hawn taħt jiġi derivat mill-modulu tal-entitlements fil-ħin tal-build, għalhekk din il-paġna qatt ma tista' titbiegħed minn dak li s-server fil-fatt jinforza.

Entitlements għal kull livell

	B'xejn	Hobby	Pro	Illimitato
Scans / xahar	3	50	200	Pjan Unlimited¹
Proġetti (domains verified)	1	1	5	20
Tokens tal-API	0	1	5	20
Webhook endpoints	0	1	5	20
Probes attivi	le	iva	iva	iva
GitHub repo scans	le	le	iva	iva
Re-scans skedati	le	le	cadence ≥3h	≥6h cadence
Skoperta diretta tat-theddid	le	le	le	iva
Sharable reports	le	le	iva	iva
Żamma	7 ijiem	30 ijiem	90 ijiem	365 ijiem
Postijiet tat-team	1	1	1	5
Appoġġ	standard	standard	prijoritarju	dedikat

¹ The Unlimited plan's scan quota is subject to fair use — see Terms. ² The project cap defaults to 20 active-monitoring domains at ≥6h cadence. Contact support@fixvibe.app to raise it in exchange for a longer scheduled cadence.

Limiti tar-rata tal-API

Kull request /api/v1/* u /api/mcp hija keyed fuq hash tal-bearer token u tgħaddi minn żewġ windows:

Burst: 10 requests kull sekonda.
Steady: 60 requests kull minuta.
Per signed-in user: 30 scan submissions per 10 minutes — a soft cap above the per-plan monthly quota that absorbs bursts without exhausting the daily budget.

Fuq 429, ir-response tinkludi:

http

HTTP/1.1 429 Too Many Requests
content-type: application/json
retry-after: 47
x-ratelimit-limit: 60
x-ratelimit-remaining: 0
x-ratelimit-reset: 1715116200

{
  "error": "rate_limited",
  "message": "Token rate limit exceeded — steady (60/min). Retry in 47s.",
  "retry_after_seconds": 47
}

Il-window li nqabeż jissejjaħ fil-message (burst (10/s) vs steady (60/min)) sabiex client backoff jista' jadatta.

Limitu tar-rata ta' scans tal-pjan Free (kull IP/24)

On top of the per-org 3-scans-per-month cap, Free plan users face an additional per-IP/24 rate limit: 3 scans per rolling 24 hours per IP /24 block. The same limiter covers anonymous instant scans, which prevents farming Free quota through throwaway accounts on one IP. Requests exceeding the limit return HTTP 429 Too Many Requests with a Retry-After header.

5 reġistrazzjonijiet ta' suċċess kull IP/24 kull 24 siegħa, biex tipprevjeni l-ħolqien awtomatizzat ta' accounts fuq il-pjan Free. Callbacks limitati jiddirezzjonaw lejn /sign-in?error=rate_limited.

Żamma

Scans + findings jitneħħew awtomatikament skont it-tabella ta' hawn fuq. Anonymous one-shot scans jiskadu 24h wara l-ħolqien. Audit logs jinżammu għal 18-il xahar. Monitor snapshots jitnaqqsu għall-aħħar 7 ijiem flimkien mal-aħħar baseline għal kull (domain, signal). Dismissed alerts jitneħħew wara 90 jum. Iż-żamma kollha tiġi infurzata kuljum minn /api/cron/retention-cleanup.

Entitlements għal kull livell

Limiti tar-rata tal-API

Limitu tar-rata ta' scans tal-pjan Free (kull IP/24)

Throttle tar-reġistrazzjoni (per IP/24)

Żamma