All Products
Search

This Product

    Security Center:Billing FAQ

    Document Center

    Security Center:Billing FAQ

    Last Updated:Jan 22, 2026

    This topic answers common questions about billing for Security Center renewals, upgrades, downgrades, and vulnerability fixes.

    How do I renew Security Center when it is about to expire?

    Your Security Center service has a validity period. You must renew the service before it expires to avoid service interruptions. For more information about how to renew the service, see Renewal policy (subscription).

    How far in advance can I renew a Security Center instance?

    There is no time limit for renewing Security Center. You can renew your instance at any time after purchase.

    Can I downgrade from Security Center Premium Edition to Anti-virus Edition during a renewal with a specification change?

    Yes, you can.

    When you renew with a specification change, you can downgrade or upgrade your edition. For example, if you have the Premium Edition, you can downgrade to the Anti-virus Edition, purchase only value-added services, or upgrade to the Enterprise or Ultimate Edition. For more information, see Renewal policy (subscription).

    How do I change the auto-renewal period or cancel auto-renewal?

    If you did not select Auto-renewal when you purchased Security Center and want to enable or cancel auto-renewal for your service, follow these steps:

    1. Go to the Renewal Management page in the Alibaba Cloud User Center and log on to your Alibaba Cloud account.

    2. On the Renewal Management page, to the right of the Service option, click Other Services. From the Other Services drop-down list, select Security Center.

    3. Select an operation as needed.

      • Enable auto-renewal: On the Renewal tab, find the instance and click Purchase and Activate in the Actions column. In the dialog box that appears, select a Subscription Duration. In the instance list, confirm the instance ID and instance name, and then click Purchase and Activate. The page redirects to the Auto-renewal tab, where you can view your modified instance.

      • Modify auto-renewal: On the Auto-renewal tab, find the instance and click Renewal Management in the Actions column. In the dialog box that appears, change the Renewal Duration and click OK.

      • Enable manual renewal (cancel auto-renewal): On the Auto-renewal tab, find the instance and click Auto-renewal is disabled. in the Actions column. In the dialog box that appears, confirm the instance ID and instance name, and then click OK to complete the operation.

    The Renew button is grayed out with the message "Your current number of authorizations is insufficient. Please upgrade to increase the number of authorizations before renewing."

    Symptom

    When you try to renew Security Center, the Renew Now button is grayed out with the message "Your current number of authorizations is insufficient. Please upgrade to increase the number of authorizations before renewing."

    Cause

    You purchased Security Center in full protection mode, and the number of protected servers in your account has exceeded the number of purchased authorizations (number of protected servers or cores).

    Solution 1

    First, perform an upgrade to ensure the number of servers in your account matches the number of purchased authorizations (number of protected servers or cores). Then, you can renew the service. For more information about how to upgrade a Security Center instance, see Upgrade and downgrade.

    Solution 2

    Switch from full protection mode to on-demand protection mode, and then renew the service. For more information about how to switch the protection mode, see How do I manually upgrade from full protection to on-demand protection mode?.

    What do I do if a RAM user has no permission to renew?

    By default, a newly created RAM user has no permissions. You must use your Alibaba Cloud account to grant the RAM user the required system policies for the User Center. Then, the RAM user can perform renewals. For more information, see Grant system policies to a RAM user.

    What do I do if the number of my servers exceeds the number of purchased authorizations?

    After you purchase a Security Center instance in full protection mode, if the number of your servers exceeds the purchased authorizations and you do not promptly increase the number of authorizations, the following issues may occur:

    • Security Center features may not work correctly.

    • You cannot renew the service upon expiration.

      When your Security Center service is about to expire, if the number of your servers exceeds the maximum number of authorizations, you must first upgrade to increase the number of authorizations before you can renew.

    If the number of your servers exceeds the maximum number of authorizations you selected when purchasing Security Center, you can follow these steps to increase the number of authorizations:

    1. Log on to the Security Center console.

    2. On the Overview page, click Upgrade Now.

    3. In the Upgrade Now panel, set the number of protected servers, read and select Service Agreements, and then click Upgrade Now.

    If you do not need to increase the number of authorizations, you can switch the protection mode from full protection to on-demand protection. The on-demand protection mode does not limit the number of purchased authorizations, so you will not encounter issues related to exceeding your authorization quota. After you switch to on-demand protection mode, you must bind authorizations to servers to specify which servers to protect. For more information about how to switch the purchase mode, see How do I manually upgrade from full protection to on-demand protection mode?.

    Can the subscription duration for upgraded server authorizations or value-added services be different from my existing Security Center subscription?

    No, it cannot.

    The subscription duration for upgraded server authorizations or value-added services must be the same as your existing Security Center instance. This means they must have the same expiration date. The upgrade fee is calculated as follows: (Fee for additional authorizations + Fee for value-added features) × Remaining validity period of the Security Center service (in seconds).

    Can I downgrade Security Center Enterprise Edition to the Free Edition?

    No, you cannot.

    You cannot manually downgrade a paid edition of Security Center (Anti-virus, Advanced, Enterprise, or Ultimate) to the Basic. A paid edition is automatically downgraded to the Basic after it expires.

    Why do I see the message "A pending renewal with a specification change exists. Upgrade or downgrade is not allowed." when I try to upgrade or downgrade?

    Symptom

    When you try to upgrade or downgrade Security Center, the Upgrade NowLevel or Buy Now button is grayed out, preventing you from submitting the order. The page displays the message "A pending renewal with a specification change exists. Upgrade or downgrade is not allowed."

    Cause

    You performed a renewal with a specification change before you tried to upgrade or downgrade. If a pending order for a renewal with a specification change exists, you cannot perform another upgrade or downgrade.

    In the upper-right corner of the console, you can choose View Bills > Order. On the Product Orders tab of the Orders page, set Service to Security Center and click Search to view recent renewal orders. Click Details in the Actions column of a renewal order to view the effective period and configuration of the pending order.

    Solution

    • If the configuration of the pending renewal order matches the configuration of the upgrade or downgrade you want to perform, you do not need to perform the operation again. Wait for the pending renewal order to take effect.

    • If the configuration of the pending renewal order does not match the configuration of the upgrade or downgrade that you want to perform, or if you want to change the configuration, you can submit a ticket to request the cancellation of the pending renewal order. Then, you can perform the upgrade or downgrade.

    After purchasing a subscription for vulnerability fixes, can I still enable pay-as-you-go for vulnerability fixes?

    No, you cannot.

    How do I switch from a subscription to pay-as-you-go for vulnerability fixes?

    After you purchase vulnerability fixes with a subscription, you cannot directly switch to the pay-as-you-go billing method. You can downgrade or request a refund for your Security Center instance and then enable the pay-as-you-go mode.

    • Downgrade:

      You can apply for a downgrade if you have not used any vulnerability fixes in the current billing cycle, which starts from the order date and ends at 00:00:00 on the same date of the next month. If you have used vulnerability fixes in the current billing cycle, you must wait until the next billing cycle begins. You can then apply for a downgrade, provided you have not used any vulnerability fixes in the new cycle.

      For example, you place an order on November 2, 2023, to purchase 20 vulnerability fixes for a subscription duration of two months. Your current billing cycle is from November 2, 2023, to December 2, 2023. On November 5, 2023, if you have not used any vulnerability fixes, you can directly disable the subscription by downgrading. If you have used vulnerability fixes, you must wait until 00:00:00 on December 3, 2023, to apply for a downgrade.

      1. Apply for a downgrade. When applying, you must select No for the vulnerability fix option. For more information, see Upgrade and downgrade.

      2. In the Security Center console, go to the Vulnerabilities page and click Purchase to enable pay-as-you-go for vulnerability fixing.

    • Refund:

      1. Submit a ticket to unsubscribe from your purchased Security Center instance.

      2. In the Security Center console, go to the Vulnerabilities page and click Purchase to enable pay-as-you-go for vulnerability fixing.

      3. (Optional) Purchase other Security Center services again. For more information, see Purchase Security Center.

    If I enable pay-as-you-go for vulnerability fixes and then purchase the Premium Edition or higher, will I continue to be charged?

    No, you will not. Servers that are bound to a Premium Edition or higher authorization can have vulnerabilities fixed with one click, with no limit on the number of fixes. If you enable pay-as-you-go for vulnerability fixes and then purchase the Premium Edition or higher, Security Center automatically disables the pay-as-you-go mode. You will not be charged for any future vulnerability fixes.

    Are unused vulnerability fixes from a monthly subscription carried over to the next month?

    No, it is not.

    The billing unit for subscription resources is one month. Unused quotas from the current billing cycle are cleared at the beginning of the next billing cycle. In the next billing cycle, the product quota that you purchased for that cycle is used. If you cannot estimate the number of vulnerability fixes that you need, we recommend that you enable pay-as-you-go for vulnerability fixes. For more information, see View and manage vulnerabilities.

    If you no longer need to use vulnerability fixes within the current billing cycle, you can downgrade to unsubscribe from the subscription service for vulnerability fixes. Security Center refunds the cost of the unused vulnerability fixes from the current billing cycle up to the expiration date of the Security Center instance. For more information, see Upgrade and downgrade.