Abuse-Vector Limits
Abuse-Vector Limits
Velaro caps a small number of high-volume server-resource operations to keep
your billing predictable and protect the platform from runaway loops or
misconfigured automations. These caps reset on the 1st of each calendar
month (UTC).
The 5 abuse-vector caps
All values are per calendar month per site.
| Cap | What it limits | Hard safety ceiling |
|---|---|---|
Workflow Triggers (MaxWorkflowTriggersPerMonth) |
Every workflow start (Power Automate, Zapier, Make, AI bot handoff, scheduled trigger). | 50,000 |
Webhook Invocations (MaxWebhookInvocationsPerMonth) |
Inbound calls to Velaro webhook endpoints (Zapier, Make, Power Automate, Automation). | 50,000 |
HTTP Request Actions (MaxHttpRequestActionsPerMonth) |
Every httpRequest node fired by a workflow. |
100,000 |
Email Campaign Sends (MaxEmailCampaignSendsPerMonth) |
Per-recipient outbound CRM email campaign send. | 50,000 |
Workflow Evaluations (MaxWorkflowEvaluationsPerMonth) |
Every Hangfire scheduled trigger-rule evaluation pass (distinct from a trigger firing). | 200,000 |
Blob Upload Bytes (MaxBlobUploadBytesPerMonth) |
Total bytes uploaded to Velaro blob storage (file attachments, AI ingestion uploads, transcript exports). | 5 GB |
Why these limits exist
Each operation directly maps to Velaro's cost: Service Bus messages, outbound
HTTP transactions, ACS/SendGrid email charges, Cosmos DB queries, and Azure
Blob storage. Without caps, a single misconfigured Zapier loop or recursive
workflow could fire millions of operations and cost more than your monthly
plan.
Per-tier defaults
| Cap | Starter / Basic | Growth / Pro | Professional / Enterprise | Scale / Internal |
|---|---|---|---|---|
| Workflow Triggers / mo | 5K | 25K | 100K | 500K |
| Webhook Invocations / mo | 5K | 25K | 100K | 500K |
| HTTP-Request Actions / mo | 10K | 50K | 200K | 1M |
| Email Campaign Sends / mo | 5K | 25K | 100K | 500K |
| Workflow Evaluations / mo | 20K | 100K | 500K | 2M |
| Blob Upload Bytes / mo | 1 GB | 10 GB | 50 GB | 250 GB |
"Unlimited" is never truly unlimited
If your subscription has the cap set to 0 (raw unlimited), Velaro still
enforces a per-cap hard safety ceiling at the runner level (the values in
the table above). This is a platform-protection policy — runaway automations
cannot overwhelm Velaro infrastructure, even on enterprise plans.
To exceed a hard safety ceiling, contact support — we'll set an explicit
custom cap on your subscription.
Internal sites
Sites 1032 and 100050 (Velaro internal/demo) bypass all abuse-vector
caps. This is hard-coded — these are not customer-billable sites.
What happens when you hit a cap
- The action is blocked for the rest of the calendar month, or until the
cap is raised.
- A warning is written to your Integration Activity Log
(Settings → Integrations → Activity) with the current count and cap.
- The warning is throttled to once per 24 hours per cap so high-traffic
sites don't flood the log.
Where to view current usage
Admin → Billing & Usage — every metric above appears in the usage panel
with the current count, monthly cap, and a progress bar.
Raising a cap
- Self-serve: upgrade to a higher plan from Billing → Plan.
- Custom cap: contact support — we can set a custom value on your
subscription without changing your plan.
Best practices
- Use debounced triggers for high-volume external automations — fire one
Velaro workflow per batch, not one per source event.
- Avoid recursive workflows whose final action retriggers the same workflow.
- Compress large file uploads before sending; deduplicate where possible.
- For email campaigns, segment your contact list rather than blasting to all
contacts every send.
Related
- Workflow Triggers (the original abuse-vector cap, shipped 2026-05-08)
- Workflow Runs (separate metric, also capped per month)
- Active Workflows (how many published workflows you can have)
Was this article helpful?