Published on 05 May 2020
We will be releasing two changes to our service to help ensure access for all customers as well as increase the overall stability of the ExaVault platform. For the overwhelming majority of our customers, these changes will be transparent with no impacts on how you use ExaVault.
During the months of May and June, we’ll be rolling out new global rate limits on all accounts to help maintain and improve the overall stability of the ExaVault platform.
Previously, we’ve imposed rate limits on various components of our service — for example, on the number of authentications or the number of downloads you can do via a direct file link. Going forward, we’ll have two global limits — one for total daily transactions, and one for connection rate (connections per second).
Beginning April 30, 2020, we will no longer allow more than ten connections per second to our service from any single IP address. If you try to make more than ten connections per second, your connection will not complete and you will need to wait at least one second before attempting the connection again.
Between April 30 and June 30, we will be rolling out a new daily transaction limit which will limit the number of total actions you can make on the ExaVault platform on a daily basis. The limit will be based on the number of API calls that you make to our backend API, regardless of whether those are via a login to our web application, via an FTP connection, or via a script you’ve written. Roughly speaking, each action in our platform (e.g. listing a directory on FTP or creating a share in the web interface) uses one API call. However, there are some cases where a single action may take two or three API calls to complete.
The rate limit will be global to your account — anybody logging into your account will share the same pool, so one user could make 120,000 transactions, or two users could make 60,000 each.
If you exceed your limit, you will be unable to use the service until the number of transactions falls under the limit for the previous 24 hour period. We use a rolling 24 hour period, so typically you’d need to wait just a minute or two before trying again.
Our median customer makes less than 1,000 API calls per day, so we don’t expect this change to affect many customers. We’ll be proactively reaching out to customers who are over the limit, in order to discuss options.
On approximately June 30, once the rollout of the new rate limit is complete, we’ll remove all old component-based rate limits, such as the 600 FTP logins per-hour limitation.
Direct file links are a feature that allows people to access files in your ExaVault account without logging into the system or using a share link. These links are used to provide access to files on a website or to send a link via email that doesn’t require tracking. Generally, these links are rarely used in an account unless there is a specific need for unrestricted access to a file.
We are tightening access to the ability to see and configure direct links. Going forward, only admin and master users will be able to set up direct links. Previously users without admin rights could control and see direct links if they were able to see all files in the account.
If you have any questions about these changes, please let us know. We’re looking forward to these new changes providing even more stability and better overall performance for you. Thanks for working with ExaVault!