Hi, I’ve seen a bunch of WordPress files/URLs, like mydomain.com/wp-admin etc. We have deployed a Nuxt app, not WordPress. Where is this coming from?! The files are not accessible and lead to a 404 page in our Nuxt app.
What is this?
Hi, @phillipmohr! Welcome to the Vercel Community 
What you’re seeing in your Vercel Usage dashboard is not actually WordPress files or URLs present in your Nuxt application.
Many bots and automated tools constantly scan websites for vulnerabilities. WordPress, being one of the most popular content management systems, is a common target. These bots are attempting to access WordPress-specific paths on your domain, regardless of whether you’re actually using WordPress.
When these bots try to access these non-existent WordPress paths on your Nuxt app, they receive a 404 (Not Found) response. This is the correct behavior, as these paths don’t exist in your application.
I see the same in one of my websites, which is a simple React app hosted on Vercel:
Next steps
- You don’t need to do anything about these requests. Your Nuxt app is handling them correctly.
- Keep an eye on the bandwidth used by these requests. A sudden, significant increase might indicate more targeted scanning activity.
- Ensure your Nuxt app and Vercel settings are configured securely. This includes keeping your dependencies up-to-date and using Vercel’s security features.
Let us know if you have any more questions!
1 Like
Oh okay, thank you very much for clarifying! 
1 Like
No worries! Have a good day!
You get to see how popular you are with the bots it’s kind of fun I get around 120k requests to different wp and wp extension urls a month on a NextJS site, the more popular your site gets the more bot requests trying to dig up vulnerabilities you end up with
1 Like
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.