はじめに
個人開発のアプリをリリースした後、不審なリクエストが来ているのをログで見つけた。本記事ではそのログを紹介しつつ、どのような意図を持ったリクエストなのか?も見ていきたいと思う。
今後リリースをする個人開発者をはじめ、どなたかの役に立てば幸いです。
本記事は随時更新しています
2024-07-24
GET https://oniku-map.com/ - Ok @ 2024/7/24 17:49:59
GET https://oniku-map.com/privacy-policy - Ok @ 2024/7/24 17:50:12
GET https://oniku-map.com//2020/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //2020/wp-includes/wlwmanifest.xml
GET https://oniku-map.com/ - Ok @ 2024/7/24 18:08:14
GET https://oniku-map.com/ - Ok @ 2024/7/24 18:08:15
GET https://oniku-map.com//2019/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //2019/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:15
(error) Error: Not found: //wp-includes/wlwmanifest.xml
GET https://oniku-map.com//blog/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:15
(error) Error: Not found: //blog/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//shop/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //shop/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//wp1/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //wp1/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//test/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //test/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//wp2/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //wp2/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//web/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:15
(error) Error: Not found: //web/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//xmlrpc.php?rsd - Ok @ 2024/7/24 18:08:15
(error) Error: Not found: //xmlrpc.php
GET https://oniku-map.com//site/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //site/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//wordpress/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:15
(error) Error: Not found: //wordpress/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//website/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:15
(error) Error: Not found: //website/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//cms/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //cms/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//wp/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //wp/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//news/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //news/wp-includes/wlwmanifest.xml
GET https://oniku-map.com//sito/wp-includes/wlwmanifest.xml - Ok @ 2024/7/24 18:08:16
(error) Error: Not found: //sito/wp-includes/wlwmanifest.xml
分析
外部のボットや攻撃者が WordPress サイトかどうかを確認し、脆弱性を探ろうとしている可能性がある
対応
WAF(Cloudflare)でブロックするように設定。