FixWeb

// docs / domains

Domenlar

A domain is a verified hostname you own. Verifying once unlocks owner-depth scans, scheduled re-scans, and live website monitoring on that hostname.

Domenni tasdiqlash

Dashboard → Domains ga hostname qo‘shing. Ikki verification method’dan birini tanlang:

  • DNS TXT_fixweb.<hostname> ga biz generate qilgan token bilan record qo‘shing. Uni sizning serveringizdan emas, o‘z serverimizdan re-resolve qilamiz, shuning uchun SPF / DMARC settings xalaqit bermaydi. Typical propagation: 1-5 daqiqa; 10 daqiqa davomida har 30 soniyada re-check qilamiz.
  • HTTP file — token bilan kichik text file’ni /.well-known/fixweb-verification.txt da host qiling. Biz uni SSRF-guarded request path orqali HTTPS over fetch qilamiz.

Verifications domain-reverify cron orqali daily re-checked bo‘ladi. Agar oldin verified domain token’ni resolve qilmay qolsa (masalan, DNS record’ni olib tashlagansiz), verification revoked bo‘ladi va unga qarshi active scans qayta qo‘shmaguningizcha verify_required ga tushadi.

Scheduled re-scans Pro+

Pro rejasi tasdiqlangan domenni ≥3h tezlikda qayta skanlashi mumkin; Unlimited rejasi ≥1h tezlikda. Dashboard → Domenlar → Jadvalni oching, toggle-ni yoqing, tezlikni tanlang:

  • 1 soat — faqat Unlimited rejasida mavjud
  • 3h, 6h, 12h, daily, every 2 days, weekly

Har cron tick’da (har 15 min) scheduler due schedules’ni picks up qiladi, ularni next_run_at ustida optimistic compare-and-swap orqali claims qiladi (ikki cron double-enqueue qilmasligi uchun), scan-usage counter’ni increments qiladi va fresh passive scan enqueue qiladi. Scan domain-verification attestation’ingizni inherits qiladi — har run uchun qayta attest qilmaysiz — shuning uchun revoke qilish uchun schedule’ni o‘chiring.

Completion’da scan-completed email scheduled_scan_email preference orqali yuboriladi (Account → Settings da manage).

Live threat aniqlash Unlimited+

Unlimited rejasi rejalashtirilgan skanlar orasida har bir tasdiqlangan domenni uchta signal uchun avtomatik kuzatib boradi:

  • Certificate transparency — har 30 daqiqada crt.sh’dan hostname yoki istalgan subdomainingizni o‘z ichiga olgan new certs so‘raymiz. New certs new_certificate alert fire qiladi.
  • DNS diff — har 30 daqiqada A, AAAA, MX, TXT, NS, CNAME resolve qilamiz va last snapshot bilan compare qilamiz. Changes dns_change alert fire qiladi.
  • Threat-intel — har soatda apex hostname uchun Spamhaus DBL va URLhaus listings tekshiramiz. Listings threat_intel_listing alert fire qiladi.

Alerts content-hash signature bo‘yicha dedupe bo‘ladi, shuning uchun same change qayta detected bo‘lsa re-fire qilmaydi. Alerts’ni Dashboard → Domains → [domain] → Monitor da view / dismiss qiling. Email notifications threat_alert_email pref’ga amal qiladi.

Snapshot retention

Monitor snapshots 7 kundan keyin auto-prune bo‘ladi, lekin har (domain, signal-type) pair uchun eng recent baseline qoladi — keyingi diff to‘g‘ri bo‘lishi uchun u age’dan qat’i nazar saqlanadi. Dismissed alerts 90 kundan keyin purge bo‘ladi.

API yoki MCP orqali trigger qilish

Domain management hozircha UI-only — verification yoki schedule changes uchun API surface yo‘q. Already-verified domain’ga API orqali scan boshlash uchun POST /api/v1/scans ishlating:

curl
curl -X POST https://fixweb.app/api/v1/scans \
  -H "Authorization: Bearer fxw_..." \
  -H "content-type: application/json" \
  -d '{"target":"https://example.com"}'
Domenlar — Docs · FixWeb