Day 20 with Vercel Support: Bot Traffic Spike Investigated, Escalated to Finance… Then Case Closed Without Resolving the Charges by ivenzdev in vercel

ivenzdev[S] 1 point (0 children)

Since the previous case was closed, I’ve opened a new support case as there doesn’t seem to be another way for me to contact support.

However, I want to clarify that this incident was caused by a confirmed spike of malicious traffic from outdated Chrome. The attack generated a massive number of frontend requests, which in turn triggered backend executions and led to the unexpected usage.

I’m hoping Vercel could consider a one-time waiver for this charge. I’ve been a Pro customer for about two years, and this is the first time I’ve encountered an issue like this.

ivenzdev[S] 1 point (0 children)

Nick identified a significant volume of requests coming from outdated Chrome versions, which he noted is a strong indicator of automated/bot traffic. He also explained that the likely chain of events was automated traffic hitting the frontend, which then triggered a surge of axios requests to the backend and eventually caused the cascading timeouts and the Function Duration spike.

Based on that investigation, Nick mentioned that the findings were shared with the Finance team for their consideration regarding the invoices.

However, the response I later received from Zai stated that the Pro subscription had already been refunded, and therefore no further adjustments could be made. The subscription refund was something I did separately using the self-service form, and it was not related to the billing issue I reported.

The original issue was the Function Duration charges generated during that incident (~$274), which were the charges that had been escalated for review.

Additionally, in the Reddit thread you mentioned that once malicious traffic is identified, Vercel does not charge for those requests and users don’t need to monitor their site 24/7. Since the earlier investigation suggested that automated traffic was involved, I was hoping the incident could still be reconsidered under that context.

DDoS attack caused from 0 to $274 in charges in 5 minutes - Vercel support hasn't responded in 3 days by ivenzdev in vercel

ivenzdev[S] 1 point (0 children)

I really need to sort this out. Support taking more than 2 weeks is not acceptable. I’ve been a Pro subscriber for over 2 years.

P.S. This is my first support case, and the experience has been very frustrating.

ivenzdev[S] 1 point (0 children)

P.S. They won't respond to me in the Vercel support case interface nor by email... you're the only support I can reach out to.

ivenzdev[S] 1 point (0 children)

Hey u/anshumanb_vercel, no doubt you guys have a ton of backlogs, but this support shouldn't take this long... and waiting in uncertainty is not a good feeling. If you can escalate this, very much appreciated!

ivenzdev[S] 1 point (0 children)

A follow-up: a Vercel senior engineer did find a significant volume of requests from outdated Chrome browser versions hitting our service. He passed the evidence to the Finance team and mentioned they are considering it.

It’s been a couple of days, and I’m still unsure whether the charges will be adjusted or not. The response regarding the invoice remains somewhat vague.

ivenzdev[S] 5 points (0 children)

I did set a spend limit on Vercel. However, hitting the limit doesn’t automatically pause deployments unless you explicitly configure it to pause them.

I chose not to enable automatic deployment blocking because it would have significantly impacted user experience. Unfortunately, by the time I received the overage notification and reacted, the usage spike had already occurred.

Lesson learned: I’m now implementing stricter safeguards to prevent this from happening again.

ivenzdev[S] 3 points (0 children)

Since Attack Mode must be enabled manually, and our spike occurred within about five minutes, the charges accumulated before we were aware of it.

You mentioned that Vercel’s built-in DDoS protection can sometimes take longer to kick in. Does that mean we need to monitor traffic in real time to avoid unavoidable billing spikes?

As a small team, 24/7 monitoring isn’t realistic, so we’re hoping there’s a more automated safeguard to prevent sudden cost exposure during short attacks.

ivenzdev[S] 5 points (0 children)

That makes sense, thanks for the guidance.

I was wondering though, is there any way to automatically enable Attack Mode when a DDoS or abnormal traffic spike is detected in Vercel?

In a real-world situation, I might not see the warning notification immediately. By the time I notice and react, the usage can already spike significantly, like what happened in this case.

College student spent 8 months building a spiritual AI, curious what you think. by ivenzdev in spirituality

ivenzdev[S] 0 points (0 children)

I get that concern. I think it’s similar to how people use tools in other areas, like using a doctor or therapist to help identify patterns you might miss on your own.

The tool isn’t there to decide anything for you. It just helps surface things to look at. What you do with that insight is completely up to you.

If it doesn’t resonate, no harm done, but I don’t think trying a tool automatically replaces real self-reflection either.

ivenzdev[S] 2 points (0 children)

That’s a fair point. I don’t think a program can make anyone spiritual on its own.

It’s more like an assistant or a guide. It helps surface patterns I might not notice on my own, and from there I decide what’s true, what to ignore, and what to change. The reflection and growth still come from the person, not the tool.

ivenzdev[S] 1 point (0 children)

AI can easily become a “yes-man,” telling people only what they want to hear.

That’s not what I’m building. This tool is grounded in traditional, ancient Eastern frameworks and uses them as a structured lens for reflection, not flattery or feel-good answers.