The first month on Vercel Pro, I looked at the billing page and thought: "Wait, I thought this was $20." It wasn't. The problem was that I didn't understand how Spend Management actually works.
This article explains how Vercel Pro's usage-based billing works, what's dangerous about the default settings, and exactly how to lock down your spending. If you're on the Hobby plan considering an upgrade, read this before you switch.
Vercel Pro Is Not a Flat $20/Month
Vercel Pro costs $20/month, but that's the platform fee, not a spending cap. Here's what that $20 actually covers:
| Resource | Included | Overage Rate |
|---|---|---|
| Fast Data Transfer (bandwidth) | 1 TB/month | $0.15/GB |
| Edge Requests | 10M/month | $2/1M requests |
| Function Invocations | 1M/month | $0.60/1M |
| Monthly Credit | $20 | — |
The $20 monthly credit offsets overage charges. Once the credit is used up, everything beyond is billed on-demand with no automatic cap.
Here's where it gets expensive. Bandwidth beyond 1 TB costs $0.15 per GB. That's $15 for 100 GB over, $75 for 500 GB. A traffic spike from a viral post or a bot crawling your site can rack up charges fast.
Is the Default Spend Management Actually Safe?
Since September 2025, new Pro teams have Spend Management enabled by default. Sounds reassuring. But look at what the defaults actually do.
Default configuration:
- Spend Management: ON
- Notification threshold: $200 (on-demand usage)
- Alerts at 50%, 75%, and 100% of the threshold
The question is whether your site stops when you hit the limit.
With default settings and no manual changes:
- You get an email around $100 in overages
- You hit $200 — another notification
- Your site keeps running
- Billing keeps accumulating
- End-of-month surprise
Real-World Billing Horror Stories
Think it won't happen to you? It has happened to others.
Cara (artist platform): $98,280
In June 2024, artists fled Instagram over Meta's AI policy changes, flooding Cara. Users surged from 40,000 to 650,000 in one week. Vercel Functions charges hit approximately $98,000.
Meta's crawler billing spike
A site using Middleware got hit with 11 million requests from Meta's crawler. Because Middleware executes on every request, Function Invocations exploded.
9,000 pageviews, $250/month
A site with just 9,000 monthly pageviews was paying $3,000/year. The cause: bot traffic combined with Middleware running on every request.
The common factors:
- Bot and AI crawler traffic
- Middleware executing on every single request
- Spend Management Pause not configured
How to Lock Down Your Vercel Billing
Configure Spend Management properly
- Vercel Dashboard → Settings → Billing
- Find the Spend Management section
- Set your spending limit (whatever you're comfortable paying beyond $20)
- Enable "Pause production deployment" — this is the critical step
- Confirm by entering your team name
With Pause enabled, all production deployments automatically stop when you hit your limit. Visitors see a 503 error, but no additional charges accrue.
Recovery note: Unpausing is manual and per-project. Projects don't automatically resume even if you raise the limit.
DDoS Protection: Attack Challenge Mode
Vercel provides free DDoS mitigation on all plans, including Hobby.
- Automatic DDoS mitigation: Always-on L3/L4/L7 attack detection and mitigation (all plans, no configuration needed)
- Attack Challenge Mode: When enabled manually, shows a challenge screen to all visitors to filter out bots
If you're under attack:
- Vercel Dashboard → Settings → Security
- Toggle Attack Challenge Mode ON
- Turn it OFF once the attack subsides
Hobby vs Pro: What's Actually Different
| Hobby (Free) | Pro ($20/month) | |
|---|---|---|
| Bandwidth | 100 GB/month | 1 TB/month |
| When exceeded | Site stops (no charges) | $0.15/GB usage-based billing |
| Commercial use | Not allowed | Allowed |
| DDoS protection | Auto mitigation + Challenge Mode | Same |
| Spend Management | Not needed | Available (configure it!) |
Hobby users have zero risk of unexpected charges. When you hit 100 GB, your site stops serving traffic. No billing occurs. However, commercial use violates the terms of service.
More people upgrade to Pro than need to. If you're running a personal blog or side project, you're unlikely to exceed 100 GB/month.
How to Estimate Your Monthly Bandwidth
To decide whether you need Pro, estimate your site's bandwidth consumption.
Monthly bandwidth ≈ Monthly pageviews × Average page size
Rough estimates (static Next.js site):
1 page ≈ 500KB–2MB (including images)
10K PV/mo × 1MB = ~10 GB
100K PV/mo × 1MB = ~100 GB (Hobby limit)
500K PV/mo × 1MB = ~500 GB (within Pro)
1M PV/mo × 1MB = ~1 TB (hitting Pro limit)
Under 100K monthly pageviews? Hobby is probably fine. Over 1M? Even Pro will have overages.
When Vercel Feels Too Expensive
Even with proper Spend Management, you might find that $20/month doesn't go far enough for your use case. At scale, Vercel's per-GB pricing adds up. The alternative is self-hosting on a VPS, where $4–12/month gets you equivalent capacity with no usage-based surprises. The tradeoff is managing infrastructure yourself — Vercel's "git push to deploy" experience is hard to replicate.
Wrapping Up
| Action | Why |
|---|---|
| Enable Spend Management Pause | Default only notifies — it won't stop charges |
| Set your limit to what you can afford | The $200 default may be too high |
| Know where Attack Challenge Mode is | So you can enable it immediately during an attack |
| Calculate whether you need Pro | Under 100K PV/month, Hobby is likely enough |
| Review your Middleware usage | Every request through Middleware = billable invocation |
Vercel is an excellent platform. But using it without understanding the billing model is a recipe for surprises. Five minutes of configuration now saves you from an uncomfortable invoice later.