[{"data":1,"prerenderedAt":163},["ShallowReactive",2],{"blog-launch/hacker-news":3},{"id":4,"title":5,"body":6,"category":143,"date":144,"dateModified":144,"description":145,"draft":146,"extension":147,"faq":148,"featured":146,"headerVariant":149,"image":148,"keywords":148,"meta":150,"navigation":151,"ogDescription":152,"ogTitle":153,"path":154,"readTime":148,"schemaOrg":155,"schemaType":156,"seo":157,"sitemap":158,"stem":159,"tags":160,"twitterCard":161,"__hash__":162},"blog/blog/launch/hacker-news.md","Hacker News Launch Security Checklist: 12 Items Before Posting",{"type":7,"value":8,"toc":137},"minimark",[9,19,22,44,62,81,97,102,105,108],[10,11,12,16],"tldr",{},[13,14,15],"p",{},"TL;DR",[13,17,18],{},"HN readers are technically savvy and will probe your app. Before posting your Show HN, hide sensitive endpoints, verify your error messages don't leak info, prepare for the \"hug of death\" traffic spike, and have a plan for handling security reports from the community.",[20,21],"print-button",{},[23,24,27,32,36,40],"checklist-section",{"count":25,"title":26},"4","Technical Scrutiny Prep",[28,29],"checklist-item",{"description":30,"label":31},"HN users will try /admin, /debug, /.git, /api/docs, etc.","Hide admin and debug endpoints",[28,33],{"description":34,"label":35},"Stack traces, database errors, and config details should be hidden.","Check error messages",[28,37],{"description":38,"label":39},"Remove server version info. Add security headers.","Review HTTP headers",[28,41],{"description":42,"label":43},"Don't accidentally expose sensitive URLs.","Test robots.txt and sitemap",[23,45,47,50,54,58],{"count":25,"title":46},"Traffic and Performance",[13,48,49],{},"::checklist-item{label=\"Prepare for the \"hug of death\"\" description=\"HN front page can send massive traffic. Can you handle it?\"}\n::",[28,51],{"description":52,"label":53},"Static pages should be cached. Use a CDN.","Enable aggressive caching",[28,55],{"description":56,"label":57},"Protect against scraping and abuse.","Set up rate limiting",[28,59],{"description":60,"label":61},"If the app goes down, show a simple landing page.","Have a static fallback",[23,63,65,69,73,77],{"count":25,"title":64},"Community Response",[28,66],{"description":67,"label":68},"HN users will find issues. Know how to receive and respond.","Prepare for security reports",[28,70],{"description":71,"label":72},"security.txt or contact email should be easy to find.","Add security contact info",[28,74],{"description":75,"label":76},"Monitor comments. Fix reported issues fast.","Be ready to respond quickly",[28,78],{"description":79,"label":80},"Accept valid criticism gracefully. HN respects humility.","Don't get defensive",[82,83,84,91],"faq-section",{},[85,86,88],"faq-item",{"question":87},"Will HN users try to hack my app?",[13,89,90],{},"Yes, in a friendly way. The HN community includes security researchers who will check for obvious issues. They'll report them in comments or privately. This is actually helpful, but embarrassing if your app has basic flaws.",[85,92,94],{"question":93},"How much traffic does the HN front page bring?",[13,95,96],{},"A front page post can bring 20,000-100,000+ visitors in a few hours. The spike is intense but short-lived. Most small apps struggle to handle it without preparation.",[98,99,101],"h3",{"id":100},"scan-before-your-show-hn","Scan Before Your Show HN",[13,103,104],{},"Find issues before HN commenters do.",[13,106,107],{},"Start Free Scan",[109,110,111,117,122,127,132],"related-articles",{},[112,113],"related-card",{"description":114,"href":115,"title":116},"Comprehensive pre-launch security checklist for SaaS products. 20 essential items covering authentication, data protecti","/blog/launch/saas-launch","SaaS Product Launch Security Checklist: 20 Items Before Going Live",[112,118],{"description":119,"href":120,"title":121},"Security checklist for scaling preparation. 14 essential items to verify before rapid growth, covering infrastructure, s","/blog/launch/scaling-prep","Scaling Prep Security Checklist: 14 Items Before Rapid Growth",[112,123],{"description":124,"href":125,"title":126},"Security checklist for soft launches. 12 essential items to verify before releasing to a limited audience, with focus on","/blog/launch/soft-launch","Soft Launch Security Checklist: 12 Items Before Limited Release",[112,128],{"description":129,"href":130,"title":131},"Security checklist for public API launches. 16 essential items to verify before opening your API to external developers,","/blog/launch/api-public-launch","API Public Launch Security Checklist: 16 Items Before Opening Your API",[112,133],{"description":134,"href":135,"title":136},"Security checklist for beta launches. 14 essential items to verify before inviting your first beta users, including data","/blog/launch/beta-launch","Beta Launch Security Checklist: 14 Items Before Inviting Beta Users",{"title":138,"searchDepth":139,"depth":139,"links":140},"",2,[141],{"id":100,"depth":142,"text":101},3,"launch","2026-02-09","Security checklist for Hacker News launches. 12 essential items to verify before posting your Show HN, including handling technical scrutiny and traffic spikes.",false,"md",null,"orange",{},true,"Security checklist for HN launches. 12 items before your Show HN post.","Hacker News Launch Security Checklist","/blog/launch/hacker-news","[object Object]","Article",{"title":5,"description":145},{"loc":154},"blog/launch/hacker-news",[],"summary_large_image","NDiPiumI-4nxfP7kBFrCxWMFH1D4c1wEsyiKT4OJKVM",1775843921226]