FixWeb

// docs / domains

Domene

A domain is a verified hostname you own. Verifying once unlocks owner-depth scans, scheduled re-scans, and live website monitoring on that hostname.

Potvrđivanje domene

Dodajte hostname na Dashboard → Domains. Odaberite jednu od dvije verification methods:

  • DNS TXT — dodajte record na _fixweb.<hostname> s tokenom koji generišemo. Re-resolve ga s našeg servera, ne vašeg, pa SPF / DMARC settings ne smetaju. Tipičan propagation: 1-5 minuta; re-check svakih 30 sekundi 10 minuta.
  • HTTP file — hostujte mali text file na /.well-known/fixweb-verification.txt s tokenom. Fetchujemo preko HTTPS kroz SSRF-guarded request path.

Verifications se re-checked dnevno preko domain-reverify cron. Ako previously-verified domain prestane resolving token (npr. uklonili ste DNS record), verification se revoked i active scans protiv njega se vraćaju na verify_required dok ga ponovo ne dodate.

Zakazana ponovna skeniranja Pro+

Plan Pro može iznova skenirati potvrđen domen sa kadencom ≥3h; plan Unlimited sa ≥1h. Otvori Tabla → Domeni → Raspored, uključi prekidač i odaberi kadencu:

  • 1 sat — dostupno samo na planu Unlimited
  • 3h, 6h, 12h, dnevno, svaka 2 dana, sedmično

Na svaki cron tick (svakih 15 min) scheduler uzima due schedules, claims ih preko optimistic compare-and-swap na next_run_at (da se dva crons ne double-enqueue), increments vaš scan-usage counter i enqueues svjež passive scan. Scan nasljeđuje vašu domain-verification attestation — ne re-attest per run — zato disable schedule za revoke.

Po completion, scan-completed email ide koristeći preference scheduled_scan_email (upravljanje na Account → Settings).

Detekcija prijetnji uživo Unlimited+

Plan Unlimited automatski prati svaki potvrđen domen za tri signala između zakazanih skeniranja:

  • Certificate transparency — svakih 30 minuta query crt.sh za nove certs koji sadrže vaš hostname ili bilo koji subdomain. Novi certs aktiviraju new_certificate alert.
  • DNS diff — svakih 30 minuta resolve A, AAAA, MX, TXT, NS, CNAME i poredimo s last snapshot. Promjene aktiviraju dns_change alert.
  • Threat-intel — svaki sat provjeravamo Spamhaus DBL i URLhaus za listings apex hostname. Listings aktiviraju threat_intel_listing alert.

Alerts dedupe po content-hash signature tako da re-detecting iste promjene ne re-fire. View / dismiss alerts na Dashboard → Domains → [domain] → Monitor. Email notifications prate pref threat_alert_email.

Zadržavanje snapshot

Monitor snapshots auto-prune nakon 7 dana, osim najnovijeg baseline po (domain, signal-type) pair — taj ostaje bez obzira na age da sljedeći diff bude correct. Dismissed alerts purge nakon 90 dana.

Pokreni iz API ili MCP

Domain management je trenutno UI-only — nema API surface za verification ili schedule changes. Da pokrenete scan protiv already-verified domain preko API, koristite POST /api/v1/scans:

curl
curl -X POST https://fixweb.app/api/v1/scans \
  -H "Authorization: Bearer fxw_..." \
  -H "content-type: application/json" \
  -d '{"target":"https://example.com"}'
Domene — Docs · FixWeb