tardy cape
I deployed my project in the Singapore region using a private domain and only shared it with a few friends.
However, I am receiving a large number of requests from other regions (such as the US and Europe),
which appear to be bot traffic. This is causing my serverless service to be triggered continuously.
When I deploy the same service on other platforms (DigitalOcean, Vercel), this issue does not occur.
Is this normal behavior ?
rotund kernel
I deployed my project in the Singapore region using a private domain and only sh...
Are you using a custom or generated domain?
If custom, are you using Cloudflare's proxy?
silent atlas
Seen this before.
I'd suggest using Cloudflare's DNS and enabling their proxy. This will prevent bots/scrapers like these that try to find common exploits/vulnerabilities.
tardy cape
I tried both and it’s still happening.
Yes, the custom domain is behind Cloudflare DNS.
If it’s a public domain, then I think this is normal.
But I just deployed it 1–2 days ago and no one knows about it yet, which is weird.
silent atlas
Go to your domain page in Cloudflare dashboard, Security > Settings
Then turn on what you can
I think that should prevent these bots from trying to hit these routes.
The key ones are stuff like block AI bots, bot fight mode, and browser integrity check.
restive lynx
I tried both and it’s still happening.
Yes, the custom domain is behind Cloudfla...
did you register the domain recently? the things theyre requesting are very common scans
ruby vapor
I would just like to mention that you were using a public domain.
tardy cape
Sorry for not being clear. Yes, this is a custom domain and also a public domain.
By “public domain,” I mean it’s new and no one knew about it before.
So it doesn’t make sense for bots to attack it like this.
silent atlas
Bots are constantly scraping the internet.
Looking for leaked information, vulnerabilities, exploits, etc.
tardy cape
Go to your domain page in Cloudflare dashboard, Security > Settings
Thanks. I’ve enabled blocking for AI bots and will see the results soon.
My point is that this is a private project and it’s serverless, but the requests keep waking the server up every day. 😅
tardy cape
Looking for leaked information, vulnerabilities, exploits, etc.
I’m just wondering, because other projects on the same domain (using subdomains and deployed on Railway) don’t have requests like this.
However, thanks everyone. I’ll continue investigating.
silent atlas
Well tbh, I'm not exactly sure how they even find domains like this in the first place.
I'm more or less making a general statement from what I know.
tardy cape
Well tbh, I'm not exactly sure how they even find domains like this in the first...
Yep, I agree. really appreciate this conversation. Thanks