FixWeb

// docs / domains

Ngā rohe

A domain is a verified hostname you own. Verifying once unlocks owner-depth scans, scheduled re-scans, and live website monitoring on that hostname.

Te whakamana i tētahi rohe

Tāpirihia he hostname ki Dashboard → Domains. Kōwhiria tētahi o ngā tikanga whakamana e rua:

  • DNS TXT — tāpirihia he record ki _fixweb.<hostname> me te token ka hangaia e mātou. Ka re-resolve mātou i tō mātou server, ehara i tōu, kia kore ai ngā tautuhinga SPF / DMARC e whakararuraru. Wā propagation noa: 1-5 meneti; ka re-check mātou ia 30 hēkona mō te 10 meneti.
  • HTTP file — manaakihia he kōnae kuputuhi iti ki /.well-known/fixweb-verification.txt me te token. Ka fetch mātou mā HTTPS mā te ara tono kua SSRF-guarded.

Ka re-checked ngā verifications ia rā e te cron domain-reverify. Ki te mutu te resolve a tētahi domain kua verified i te token (hei tauira, i tangohia e koe te DNS record), ka revoked te verification, ā, ka hoki ngā active scans ki taua domain ki verify_required kia tāpirihia anō e koe.

Ngā scheduled re-scans Pro+

Ka taea e te mahere Pro te tirotiro anō i tētahi rohe i whakaūngia ki te kanikani ≥3h; te mahere Unlimited ki te ≥1h. Whakatuwheratia Papatohu → Rohe → Hōtaka, whakahohea te toggle, kōwhirihia he kanikani:

  • 1 hāora — ka wātea i te mahere Unlimited anake
  • 3h, 6h, 12h, ia rā, ia 2 rā, ia wiki

I ia cron tick (ia 15 min) ka tiki te scheduler i ngā due schedules, ka claim mā te optimistic compare-and-swap ki next_run_at (kia kore ai e rua ngā crons e double-enqueue), ka whakapiki i tō scan-usage counter, ā, ka enqueue i tētahi passive scan hou. Ka riro i te scan tō domain-verification attestation — kāore koe e re-attest ia rerenga — nō reira whakawetohia te schedule hei revoke.

Ina oti, ka tukuna te scan-completed email mā te preference scheduled_scan_email (whakahaere ki Account → Settings).

Kitenga mōrearea ora tonu Unlimited+

Ka tirotirohia aunoatia e te mahere Unlimited ia rohe kua whakaūngia mō ngā tohu e toru i waenganui i ngā matawai kua whakaritea:

  • Certificate transparency — ia 30 meneti ka ui mātou ki crt.sh mō ngā cert hou kei roto tō hostname, tētahi subdomain rānei. Ka whakakā ngā cert hou i tētahi alert new_certificate.
  • DNS diff — ia 30 meneti ka resolve mātou i A, AAAA, MX, TXT, NS, CNAME, ā, ka whakataurite ki te snapshot whakamutunga. Ka whakakā ngā panoni i tētahi alert dns_change.
  • Threat-intel — ia hāora ka tirohia e mātou a Spamhaus DBL me URLhaus mō ngā listings o te apex hostname. Ka whakakā ngā listings i tētahi alert threat_intel_listing.

Ka dedupe ngā alerts mā te content-hash signature kia kore te kitenga anō o te panoni kotahi e fire anō. Tirohia / dismiss ngā alerts ki Dashboard → Domains → [domain] → Monitor. Ka whai ngā īmēra whakamōhio i te pref threat_alert_email.

Pupuri snapshot

Ka auto-prune ngā monitor snapshots i muri i te 7 rā, hāunga te baseline tino hōu mō ia takirua (domain, signal-type) — ka noho tonu taua mea ahakoa te pakeke kia tika ai te diff e whai ake. Ka purge ngā dismissed alerts i muri i te 90 rā.

Whakakā mai i te API, MCP rānei

Ko te whakahaere domain he UI-only i tēnei wā — kāore he API surface mō te verification, ngā schedule changes rānei. Hei tīmata i tētahi scan ki tētahi already-verified domain mā te API, whakamahia POST /api/v1/scans:

curl
curl -X POST https://fixweb.app/api/v1/scans \
  -H "Authorization: Bearer fxw_..." \
  -H "content-type: application/json" \
  -d '{"target":"https://example.com"}'
Ngā rohe — Docs · FixWeb