u/jaeone22

It's not quite as smooth as the iOS version yet, but first impressions are pretty good.

I run a few small SaaS platforms and static websites.

When my websites were first launched, I didn't pay much attention because there were only very basic scanning attempts, like trying to load WordPress wp-admin.php pages.

However, starting a few weeks ago, I've noticed attempts to perform SQL injections or extract server information through feedback forms, login forms, and other POST requests.

These requests are coming in every hour. After checking hundreds of log entries, they seem to follow the same patterns as Burp Suite’s automated scanning features. When I double-checked with Claude, it also suggested these look like scans from Burp or ZAP. (I've attached images of two log entries: https://cln.sh/VSw3xy6Q)

About once a week, in addition to these automated requests, I occasionally see attacks that aren't automated scans but seem to actually consider the website's structure. (Last week, there was a 30-minute attempt specifically trying to bypass the CAPTCHA on the login form.)

I'm very interested in cybersecurity, but since I'm just a student still learning and without professional experience, I'm not very familiar with attack attempts or patterns on live services. So, I have a few questions:

1. Are attack attempts common even for small websites (less than 50 daily visitors)?
2. I understand that Cloudflare blocks most SQL injection attempts before they even reach the server. Is this feature actually effective in practice?
3. Besides these two questions, if anyone working in this field has any tips or other useful info, I’d really appreciate it if you could share.

Lastly, this post might feel a bit awkward or sound like it was written by an AI. I live in a non-English speaking country and my English isn't great, so I used a translator for this post. Please bear with me.