Suppose my web server is on the public internet.
It's not behind firewall hardware.
It does use HTTPS, and it has its OS firewall software turned on - but this is the only security mechanism in place.
Are there published statistics of such a web server getting hacked?
Feel free to make any assumptions about OS, web server, framework, language, type of site, etc - I am interested in general statistics and information. (Similar to how an unpatched Windows XP would be attacked within 7 seconds of getting online... )