diff --git a/server/app.py b/server/app.py
index 71959a5..bb0a453 100644
--- a/server/app.py
+++ b/server/app.py
@@ -34,7 +34,7 @@
     Request,
     User,
     XRequestIdMiddleware,
-    http_client,
+    external_http_client,
     pg,
     pg_pool_startup,
     redis_client,
@@ -192,7 +192,7 @@ async def startup_fetch_missing_users() -> None:
         return
 
     for user in s:
-        r = await http_client.get(f"https://api.bgm.tv/user/{user}")
+        r = await external_http_client.get(f"https://api.bgm.tv/user/{user}")
         data = r.json()
         await pg.execute(
             """
diff --git a/server/auth.py b/server/auth.py
index 7e95233..3792ff2 100644
--- a/server/auth.py
+++ b/server/auth.py
@@ -24,6 +24,7 @@
     RedirectException,
     Request,
     User,
+    external_http_client,
     http_client,
     pg,
     session_key_back_to,
@@ -170,7 +171,7 @@ async def callback(code: str, request: Request) -> Redirect:
 
     access_token = data["access_token"]
 
-    res = await http_client.get(
+    res = await external_http_client.get(
         "https://api.bgm.tv/v0/me", headers={"Authorization": f"Bearer {access_token}"}
     )
 
@@ -252,7 +253,7 @@ async def refresh_access_token(request: AuthorizedRequest, back_to: str) -> None
 
     access_token = data["access_token"]
 
-    res = await http_client.get(
+    res = await external_http_client.get(
         "https://api.bgm.tv/v0/me", headers={"Authorization": f"Bearer {access_token}"}
     )
 
diff --git a/server/badge.py b/server/badge.py
index c4b6be5..7ad2530 100644
--- a/server/badge.py
+++ b/server/badge.py
@@ -5,7 +5,7 @@
 
 from server.base import (
     disable_cookies_opt,
-    http_client,
+    external_http_client,
     pg,
     redis_client,
 )
@@ -111,7 +111,7 @@ async def __get_badge(count: int) -> bytes:
         else:
             color = "green"
 
-        res = await http_client.get(f"https://img.shields.io/badge/待审核-{s}-{color}")
+        res = await external_http_client.get(f"https://img.shields.io/badge/待审核-{s}-{color}")
         badge = res.content
         await redis_client.set(val_key, badge, ex=7 * 24 * 3600)
 
diff --git a/server/base.py b/server/base.py
index a038d14..cf1e958 100644
--- a/server/base.py
+++ b/server/base.py
@@ -75,7 +75,24 @@ class QueueItem:
 http_client = httpx.AsyncClient(
     follow_redirects=False,
     headers={"user-agent": "trim21/submit-patch"},
+    limits=httpx.Limits(
+        max_keepalive_connections=3,
+        max_connections=5,
+        keepalive_expiry=5,
+    ),
 )
+
+external_http_client = httpx.AsyncClient(
+    follow_redirects=False,
+    headers={"user-agent": "trim21/submit-patch"},
+    limits=httpx.Limits(
+        max_keepalive_connections=3,
+        max_connections=5,
+        keepalive_expiry=5,
+    ),
+)
+
+
 pg = asyncpg.create_pool(dsn=PG_DSN, server_settings={"application_name": "patch"})
 
 
diff --git a/server/contrib.py b/server/contrib.py
index 92dbd2c..f6b57f1 100644
--- a/server/contrib.py
+++ b/server/contrib.py
@@ -23,6 +23,7 @@
     AuthorizedRequest,
     QueueItem,
     Request,
+    external_http_client,
     http_client,
     patch_keys,
     pg,
@@ -41,7 +42,7 @@
 
 
 async def _validate_captcha(cf_turnstile_response: str) -> None:
-    res = await http_client.post(
+    res = await external_http_client.post(
         "https://challenges.cloudflare.com/turnstile/v0/siteverify",
         data={
             "secret": TURNSTILE_SECRET_KEY,