Ask HN: Why does Deno Deploy block /wp-content?
For a website, which I once migrated from WordPress to Deno Deploy, I have a simple redirect in place for any files below /wp-content/. After I discovered that this redirect does not work anymore, I spent several hours searching for a bug in my own code or configuration. The culprit however, as I later found out, is Deno Deploy itself!
Take a look at https://deno.com/wp-content - unsurprisingly it will yield a 404. However, https://deno.com/should-not-exist will yield a different 404. The same applies for https://usefresh.dev/wp-content and presumably for any other website hosted on Deno Deploy.
Does anybody have an idea, why or when this bug might have been introduced?
I would guess permissions to that folder have been borked somehow.
When I looked the other day, Deno Deploy was hosting 46 websites, I tried a few but they all worked so I didn't land on your site.
As for a silent response, I've seen similar trying to mirror where what I'm using doesn't have the correct or necessary permissions or settings.
I'd suggest you contact Deno Deploy to find out why your redirect isn't working.
I already did but as I have the free tier, I am still waiting for a reply as of today :-)
WAF / firewall rule.
It's a common attack vector. Lots of scanners look for it.
That sounds somewhat plausible - maybe they can reduce CPU time wasted on scanners / crawlers this way.
Exactly. Every single site I've handled got this path scanned.