diff --git a/server/pkg/controller/authenticator/controller.go b/server/pkg/controller/authenticator/controller.go
index 10b59210ccc..7f120b0d942 100644
--- a/server/pkg/controller/authenticator/controller.go
+++ b/server/pkg/controller/authenticator/controller.go
@@ -82,6 +82,9 @@ func (c *Controller) Delete(ctx *gin.Context, entityID uuid.UUID) (bool, error)
 // GetDiff...
 func (c *Controller) GetDiff(ctx *gin.Context, req model.GetEntityDiffRequest) ([]model.Entity, error) {
+ if req.Limit <= 0 || req.Limit > 5000 {
+ return nil, ente.NewBadRequestWithMessage("limit must be between 1 and 5000")
+ }
 userID := auth.GetUserID(ctx.Request.Header)
 return c.Repo.GetDiff(ctx, userID, *req.SinceTime, req.Limit)
 }
diff --git a/server/pkg/controller/replication3.go b/server/pkg/controller/replication3.go
index dfebf6fc9d1..e6472ac79fa 100644
--- a/server/pkg/controller/replication3.go
+++ b/server/pkg/controller/replication3.go
@@ -313,16 +313,21 @@ func (c *ReplicationController3) tryReplicate() error {
 defer os.Remove(filePath)
 defer file.Close()
- size, err := c.downloadFromB2ViaWorker(objectKey, file, logger)
+ downloadedSize, err := c.downloadFromB2ViaWorker(objectKey, file, logger)
 if err != nil {
 return done(stacktrace.Propagate(err, "Failed to download object from B2"))
 }
- logger.Infof("Downloaded %d bytes to %s", size, filePath)
+ logger.Infof("Downloaded %d bytes to %s", downloadedSize, filePath)
+
+ if downloadedSize != ob.Size {
+ c.notifyDiscord(fmt.Sprintf("⚠️ Replication download size mismatch for %s: got %d bytes, expected %d", objectKey, downloadedSize, ob.Size))
+ return done(stacktrace.NewError("downloaded size (%d) does not match expected size (%d)", downloadedSize, ob.Size))
+ }
 in := &UploadInput{
 File: file,
 ObjectKey: objectKey,
- ExpectedSize: size,
+ ExpectedSize: ob.Size,
 Logger: logger,
 }
diff --git a/server/pkg/controller/userentity/controller.go b/server/pkg/controller/userentity/controller.go
index 38b99fba22c..bc30911e36d 100644
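Review bot: The new guard validates `req.Limit`, but the call right after it still dereferences `*req.SinceTime` unchecked, both in this `GetDiff` and in the userentity `GetDiff` in the last hunk. The request model is not visible in this diff, so if its binding does not mark that field as required, a request that omits it would panic instead of returning a 400. Adding `if req.SinceTime == nil { return nil, ente.NewBadRequestWithMessage("sinceTime is required") }` beside the limit check would close that gap. The literal `5000` and its message are also duplicated across the two controllers; a shared named constant would keep the cap and the error text from drifting apart.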
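Review bot: Comparing `downloadedSize` with `ob.Size` catches truncated or padded downloads but not a same-length body whose bytes differ, so this check should not be read as content verification. If the object record carries a checksum (not visible in this hunk), comparing it here as well would cover that case. The `c.notifyDiscord` call sits on a path that presumably re-runs when the object is retried, so a persistently mismatched object may alert on every attempt, and it sends `objectKey` to an external channel; it is worth confirming the key carries nothing sensitive, or rate-limiting the alert. A short comment above the check, e.g. `// Reject before upload: ob.Size is the source of truth, not what the worker returned`, would record why `ExpectedSize` now uses `ob.Size`. `tryReplicate` starts and ends outside the hunk.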
--- a/server/pkg/controller/userentity/controller.go
+++ b/server/pkg/controller/userentity/controller.go
@@ -1,6 +1,7 @@
 package authenticaor
 import (
+ "github.com/ente-io/museum/ente"
 model "github.com/ente-io/museum/ente/userentity"
 "github.com/ente-io/museum/pkg/repo/userentity"
 "github.com/ente-io/museum/pkg/utils/auth"
@@ -60,6 +61,9 @@ func (c *Controller) Delete(ctx *gin.Context, entityID string) (bool, error) {
 // GetDiff returns diff of EntityData for the given type
 func (c *Controller) GetDiff(ctx *gin.Context, req model.GetEntityDiffRequest) ([]model.EntityData, error) {
+ if req.Limit <= 0 || req.Limit > 5000 {
+ return nil, ente.NewBadRequestWithMessage("limit must be between 1 and 5000")
+ }
 userID := auth.GetUserID(ctx.Request.Header)
 return c.Repo.GetDiff(ctx, userID, req.Type, *req.SinceTime, req.Limit)
 }