Our API imposes several limitations from abuse and incorrect requirements.

Via one user account can be sent max. 1000 requests per hour. This applies to all requests of all types. When this limit is reached, additional requests are rejected until a timeout.

This limit can be individually increased.

To protect against abuse API interface or attacks on our system there is a limit of the number of invalid requests.

As invalid is considered requests:

• authorization failure – wrong request signature
• access from unauthorized IP addresses
• entry error – error while parsing, missing or incorrect parameters, unknown command, etc.
• commands ending with any mistake
• any request beyond the other restriction

When exceeding 10 invalid requests IP address is blocked for 60 seconds per number of failed requests. With each other faulty request is blocking time extending.

Each customer may enter up to max. 100 requests of domain availability per hour. This applies to command domain-check, domain-create a domain-transfer-check.

This limit can not be increased.