
Ask HN: Is it normal to get 100-200 req/day to an un-launched side project? - zffr
For fun I&#x27;ve been working on a tiny side project [1]. I haven&#x27;t told anyone about it yet, but I&#x27;m seeing about 100-200 random requests &#x2F; day in my nginx logs (does not include traffic from me, or search engine bots).<p>Most of the traffic seems to be from dumb bots that keep trying the same few PHP exploits on my server over and over. Other traffic seems more custom and looks like it is from someone trying to &quot;hack&quot; into my server using known exploits on common platforms like Wordpress. A few requests look like genuine users stumbling across the website. One person even made an account!<p>Is this kind of traffic normal for an un-launched side project?<p>I was expecting my nginx logs to be completely empty except for the few requests I&#x27;m making for testing. I was very surprised to see this amount of traffic considering I&#x27;ve never posted the URL publicly. This is one of my first website side projects so I really have no baseline for what is normal.<p>[1] Here&#x27;s the URL in case anyone is interested: https:&#x2F;&#x2F;wordz.io. I wonder if the extra traffic is because the domain name is relatively short and is a common mis-spelling of a common word. The project is just for fun, and not done yet.
======
rapnie
I'd say this is normal, but probably depends where you are hosted. E.g. IP
address ranges belonging to AWS are heavily monitored (I had an idle nginx +
docker + gitea EC2 hacked due to not updating for a while). Other software,
like Wordpress, may notify other servers about blog posts you create, drawing
organic traffic that way.

~~~
zffr
The project is currently hosted on digital ocean so I suppose some bots might
be monitoring those IP ranges too. Makes sense that these bots are monitoring
specific IP ranges instead of the whole internet.

~~~
rapnie
Yea, this will apply to DO the same as AWS. It is a bit scary all those
attacks, especially when not a sysadmin. After the hack I became more careful
and now consider e.g. running a VPS where the provider handles more of these
tasks for me.

