xmlrpc.php攻撃

なんか重いから、( ◠‿◠ )☛ vi access.log

venus.sfdns.net – – [17/Sep/2016:17:04:16 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “WordPress”
gw-cluster011.ovh.net – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “WordPress”
acorn.omniadata.co.uk – – [17/Sep/2016:17:04:16 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-android”
axxess11.dedicated.co.za – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “Poster”
mj12bot.com – – [17/Sep/2016:17:04:16 +0900] “GET /archives/tag/%E8%87%A8%E6%99%82%E5%88%97%E8%BB%8A HTTP/1.1” 200 10007 “-” “Mozilla/5.0 (compatible; MJ12bot/v1.4.5; http://www.majestic12.co.uk/bot.php?+)”
gw-cluster005.ovh.net – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-iphone”
gw-cluster015.ovh.net – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-android, wp-android”
www.cosmostv.by – – [17/Sep/2016:17:04:16 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-iphone”
221.178.210.110 – – [17/Sep/2016:17:04:16 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “WordPress”
vps2.foxstone.net – – [17/Sep/2016:17:04:16 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “Windows Live Writer”
gw-cluster005.ovh.net – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-windowsphone”
www2.femanet.com.br – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-android”
klimosz.pl – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-windowsphone”
cpanel17.mywebserver.co.za – – [17/Sep/2016:17:04:17 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “Windows Live Writer”
gw-cluster011.ovh.net – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-android”
gw-cluster015.ovh.net – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-iphone”
fepi.fepi.com.ar – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “Windows Live Writer”
gw-cluster014.ovh.net – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “Windows Live Writer”
smtp.consortech.it – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-windowsphone”
alya.hozzt.com – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.1” 301 318 “-” “wp-android”
neon.allsitecontrol.com – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-iphone”
113.subnet180-250-53.speedy.telkom.net.id – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “WordPress”
serv46.clientehospedagratis.net – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.1” 301 318 “-” “wp-android”
gw-cluster010.ovh.net – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “Windows Live Writer”
gw-cluster015.ovh.net – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-windowsphone”
outgoing2.gridhost.co.uk – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “Windows Live Writer”
itshneg.ru – – [17/Sep/2016:17:04:35 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “WordPress”
mj12bot.com – – [17/Sep/2016:17:04:35 +0900] “GET /archives/tag/%E8%87%AA%E4%BD%9C HTTP/1.1” 301 349 “-” “Mozilla/5.0 (compatible; MJ12bot/v1.4.5; http://www.majestic12.co.uk/bot.php?+)”
113.subnet180-250-53.speedy.telkom.net.id – – [17/Sep/2016:17:04:35 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “WordPress”
neon.allsitecontrol.com – – [17/Sep/2016:17:04:36 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-iphone”
serv46.clientehospedagratis.net – – [17/Sep/2016:17:04:36 +0900] “GET /xmlrpc.php HTTP/1.1” 405 42 “-” “wp-android”
gw-cluster015.ovh.net – – [17/Sep/2016:17:04:36 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-windowsphoner-agent: wp-windowsphone”
outgoing2.gridhost.co.uk – – [17/Sep/2016:17:04:36 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “Windows Live Writer”
fepi.fepi.com.ar – – [17/Sep/2016:17:04:36 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “Windows Live Writerent: Windows Live Writer”
gw-cluster011.ovh.net – – [17/Sep/2016:17:04:36 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-android”
pro.host-care.com – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “Poster”
svr49.internet-webhosting.com – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.1” 301 318 “-” “wp-windowsphone”
gw-cluster010.ovh.net – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “WordPress”
5.175.40.16 – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-android”
sejingkat.hiveserv.com – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-windowsphone”
massindo.com – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-windowsphone”
b08s33mr.corenetworks.net – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-windowsphone”
server1.digitalmedianerds.sg – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-iphone”
wl70-wv8.wedos.net – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-android”
crawl-66-249-71-131.googlebot.com – – [17/Sep/2016:17:04:39 +0900] “GET /archives/2917 HTTP/1.1” 200 11501 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)”
schmos.nichost.ru – – [17/Sep/2016:17:04:39 +0900] “POST /xmlrpc.php HTTP/1.0” 301 318 “-” “wp-android”
massindo.com – – [17/Sep/2016:17:04:39 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-windowsphone”
svr49.internet-webhosting.com – – [17/Sep/2016:17:04:39 +0900] “GET /xmlrpc.php HTTP/1.1” 405 42 “-” “wp-windowsphone”
mj12bot.com – – [17/Sep/2016:17:04:39 +0900] “GET /archives/tag/%E8%87%AA%E4%BD%9C HTTP/1.1” 200 9431 “-” “Mozilla/5.0 (compatible; MJ12bot/v1.4.5; http://www.majestic12.co.uk/bot.php?+)”
server1.digitalmedianerds.sg – – [17/Sep/2016:17:04:39 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-iphonel, wp-iphone”
gw-cluster014.ovh.net – – [17/Sep/2016:17:04:39 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “Windows Live Writer”
sejingkat.hiveserv.com – – [17/Sep/2016:17:04:39 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-windowsphone”
173.208.247.10 – – [17/Sep/2016:17:04:41 +0900] “GET /archives/4205 HTTP/1.1” 200 10465 “-” “Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko”
gw-cluster015.ovh.net – – [17/Sep/2016:17:04:40 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-windowsphoner-agent: wp-windowsphone”
smtp.consortech.it – – [17/Sep/2016:17:04:40 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “wp-windowsphone”
gw-cluster010.ovh.net – – [17/Sep/2016:17:04:39 +0900] “GET /xmlrpc.php HTTP/1.0” 405 42 “-” “Windows Live Writer”

▂▅▇█▓▒░(’ω’)░▒▓█▇▅▂うわあああああああああ

こんなときは

( ◠‿◠ )☛ vi .htaccess

<Files xmlrpc.php>
Require all denied
</Files>

( ◠‿◠ )☛ :wq

コメントを残す

メールアドレスが公開されることはありません。

このサイトはスパムを低減するために Akismet を使っています。コメントデータの処理方法の詳細はこちらをご覧ください