FixWeb

// docs / domains

Duminii

A domain is a verified hostname you own. Verifying once unlocks owner-depth scans, scheduled re-scans, and live website monitoring on that hostname.

Verifying a duminiu

Add a hostname at Dashboard → Duminii. Pick one of two verification methods:

  • DNS TXT — add a record at _fixweb.<hostname> cù u token noi generate. We re-resolve it da our server, not yours, so SPF / DMARC settings don't interfere. Typical propagation: 1-5 minutes; noi re-check ogni 30 seconds per 10 minutes.
  • HTTP file — host a small text file at /.well-known/fixweb-verification.txt cù u token. We fetch over HTTPS via u SSRF-guarded dumanda path.

Verifications sò re-checked daily by u domain-reverify cron. If a previously-verified duminiu stops resolving u token (e.g. voi removed u DNS record), u verification hè revoked è active scansioni against it drop back à verify_required until voi re-add it.

Scheduled re-scansioni Pro+

U pianu Pro pò riscanà un duminiu verificatu à una cadenza ≥3h; u pianu Unlimited à ≥1h. Aprite Cruscotto → Duminii → Calendariu, attivate u toggle, sceglite una cadenza:

  • 1 ora — dispunibile solu nant'à u pianu Unlimited
  • 3h, 6h, 12h, daily, ogni 2 days, weekly

Every cron tick (ogni 15 min) u scheduler picks up due schedules, claims them via an optimistic compare-è-swap on next_run_at (so two crons pò't double-enqueue), increments u vostru scansione-usage counter, è enqueues a fresh passive scansione. The scansione inherits u vostru duminiu-verification attestation — voi don't re-attest per run — so disable u schedule à revoke.

On completion, u scansione-completed email goes out using u scheduled_scan_email preference (manage at Account → Settings).

Live threat detection Unlimited+

U pianu Unlimited surveglia autumaticamente ogni duminiu verificatu per trè signali trà e scani prugrammate:

  • Certificate transparency — ogni 30 minutes noi query crt.sh per novu certs containing u vostru hostname o any subdomain. New certs fire a new_certificate allarme.
  • DNS diff — ogni 30 minutes noi resolve A, AAAA, MX, TXT, NS, CNAME è compare against u last snapshot. Changes fire a dns_change allarme.
  • Threat-intel — ogni hour noi check Spamhaus DBL è URLhaus per listings of u apex hostname. Listings fire a threat_intel_listing allarme.

Alerts dedupe on a content-hash signature so re-detecting u same change doesn't re-fire. View / dismiss allarmi at Dashboard → Duminii → [duminiu] → Monitor. Email notifications follow u threat_alert_email pref.

Snapshot retention

Monitor snapshots auto-prune after 7 days, except u most recent baseline per (duminiu, signal-type) pair — that one stays regardless of age so u next diff hè correct. Dismissed allarmi purge after 90 days.

Trigger da API o MCP

Domain management hè currently UI-only — nò API surface per verification o schedule changes. To start a scansione against an already-verified duminiu via API, use POST /api/v1/scans:

curl
curl -X POST https://fixweb.app/api/v1/scans \
  -H "Authorization: Bearer fxw_..." \
  -H "content-type: application/json" \
  -d '{"target":"https://example.com"}'
Duminii — Docs · FixWeb