WordPressで絶対使ってはいけないユーザー名の1位:admin、2位:ドメイン名、3位:administrator
159個のIPアドレスからログインパスワードの総当たり攻撃(ブルートフォースアタック)を受けたときのアクセスログです。
私のサイトはこの攻撃を想定して、数回のログインを失敗すると短時間ログイン画面をロックアウトし、さらにそれを何度か繰り返すと長時間に及ぶロックアウトにエスカレーションします。
そしてそのトラップの引っかかったサイトのIPアドレスを掲載します。
これをみると、約8割がユーザー名:admin、残りの2割がドメイン名(例えばあなたのサイトがhoge.example.comの場合、hoge.exampleとかexample)で無差別攻撃しているのが分かります。
さらにIPアドレスを調査すると、国際色豊かですが、意外なことに日本のIPアドレス(赤字)も有りました。
これをみると、Wordpressのユーザー名に「admin」を使うのは論外ですが、同様にドメイン名も危険なので止めた方が良いでしょう。
以下のログはWordpressのプラグイン、Limit Login Attemptsでパスワードを規定回数間違えて記録されたログです。
まだ、Limit Login Attemptsを導入していなければ、ブルートフォースアタックを防ぐために入れた方が良いと思います。
| 178.151.216.53 | admin (1 lockout) |
| 116.70.155.177 | admin (1 lockout), {domain} (1 lockout) |
| 114.187.68.220 | admin (7 lockouts), {domain} (2 lockouts) |
| 125.196.157.28 | admin (1 lockout) |
| 126.43.103.137 | admin (2 lockouts) |
| 120.60.140.166 | admin (1 lockout) |
| 58.11.135.111 | admin (1 lockout) |
| 110.168.119.246 | admin (1 lockout) |
| 171.96.25.91 | admin (1 lockout) |
| 125.15.40.43 | admin (1 lockout) |
| 58.9.59.191 | admin (1 lockout) |
| 122.102.233.91 | admin (1 lockout) |
| 31.192.16.226 | admin (3 lockouts) |
| 190.183.224.253 | admin (2 lockouts) |
| 49.48.246.151 | admin (2 lockouts) |
| 112.208.98.182 | admin (2 lockouts) |
| 42.116.189.151 | admin (1 lockout) |
| 58.9.174.71 | admin (1 lockout) |
| 182.168.236.115 | admin (1 lockout) |
| 49.129.72.199 | admin (1 lockout) |
| 122.220.255.199 | admin (1 lockout) |
| 189.225.129.63 | admin (1 lockout) |
| 190.42.128.134 | admin (1 lockout) |
| 202.79.157.70 | admin (2 lockouts) |
| 78.166.146.253 | admin (1 lockout) |
| 177.0.55.22 | admin (1 lockout) |
| 187.107.13.37 | admin (1 lockout) |
| 85.103.199.39 | admin (1 lockout) |
| 95.69.185.246 | admin (3 lockouts) |
| 91.103.29.238 | admin (5 lockouts) |
| 27.142.44.232 | admin (4 lockouts), {domain} (1 lockout) |
| 210.147.180.171 | admin (1 lockout) |
| 126.6.176.208 | admin (1 lockout), {domain} (1 lockout) |
| 111.93.180.66 | admin (1 lockout) |
| 124.122.96.69 | admin (2 lockouts) |
| 78.166.170.156 | admin (1 lockout) |
| 114.156.16.181 | admin (1 lockout) |
| 46.160.94.252 | {domain} (1 lockout) |
| 2.135.48.69 | it.trend-ai (1 lockout), admin (1 lockout) |
| 39.41.76.16 | {domain} (1 lockout) |
| 58.8.194.243 | it.trend-ai (1 lockout), admin (2 lockouts) |
| 202.55.191.35 | it.trend-ai (1 lockout) |
| 27.3.140.193 | {domain} (1 lockout) |
| 77.47.132.25 | admin (1 lockout) |
| 197.7.28.197 | admin (1 lockout) |
| 126.12.145.146 | admin (1 lockout) |
| 122.154.28.178 | admin (1 lockout) |
| 110.78.147.154 | admin (1 lockout) |
| 41.99.77.19 | admin (1 lockout) |
| 197.78.141.111 | admin (1 lockout) |
| 200.79.132.153 | admin (1 lockout) |
| 212.252.194.54 | admin (1 lockout) |
| 124.6.181.167 | admin (1 lockout) |
| 110.77.231.113 | admin (1 lockout) |
| 37.236.140.47 | admin (1 lockout) |
| 202.14.87.157 | admin (1 lockout) |
| 202.21.105.13 | admin (1 lockout) |
| 190.218.168.175 | admin (1 lockout) |
| 202.28.78.139 | admin (1 lockout) |
| 193.31.206.154 | admin (1 lockout) |
| 84.229.49.47 | admin (1 lockout) |
| 124.121.226.106 | it.trend-ai (1 lockout), admin (1 lockout) |
| 178.131.57.28 | admin (1 lockout) |
| 58.9.218.213 | admin (1 lockout) |
| 2.147.129.219 | admin (1 lockout) |
| 82.200.205.101 | it.trend-ai (1 lockout), admin (1 lockout) |
| 190.214.25.244 | it.trend-ai (1 lockout) |
| 175.139.134.113 | it.trend-ai (1 lockout) |
| 151.244.7.65 | it.trend-ai (1 lockout) |
| 110.170.4.50 | it.trend-ai (1 lockout) |
| 193.31.200.155 | it.trend-ai (1 lockout) |
| 180.146.118.2 | admin (2 lockouts) |
| 112.208.39.17 | admin (1 lockout) |
| 197.251.167.139 | admin (1 lockout) |
| 133.37.209.103 | admin (3 lockouts) |
| 202.29.239.117 | admin (1 lockout) |
| 39.48.121.252 | admin (1 lockout) |
| 201.141.36.212 | admin (1 lockout) |
| 42.116.174.28 | admin (1 lockout) |
| 182.182.106.52 | admin (1 lockout) |
| 93.173.245.96 | admin (1 lockout) |
| 113.166.46.177 | admin (1 lockout) |
| 78.188.62.25 | admin (1 lockout) |
| 105.168.7.201 | admin (1 lockout) |
| 79.182.102.147 | admin (1 lockout) |
| 85.154.86.73 | admin (1 lockout) |
| 182.93.213.121 | admin (1 lockout) |
| 113.53.61.228 | admin (1 lockout) |
| 121.97.121.89 | admin (1 lockout) |
| 58.11.135.83 | admin (1 lockout) |
| 126.119.162.190 | admin (1 lockout) |
| 122.3.199.152 | admin (1 lockout) |
| 187.199.174.137 | admin (1 lockout) |
| 1.179.148.9 | admin (1 lockout) |
| 139.190.208.154 | admin (1 lockout) |
| 180.183.161.96 | admin (2 lockouts), it.trend-ai (1 lockout) |
| 171.4.113.187 | {domain} (1 lockout), admin (1 lockout) |
| 182.178.233.55 | admin (1 lockout) |
| 37.150.236.182 | admin (1 lockout) |
| 210.174.2.150 | admin (1 lockout) |
| 41.86.151.158 | admin (1 lockout) |
| 147.30.184.225 | admin (1 lockout) |
| 41.221.105.92 | admin (1 lockout) |
| 217.15.126.2 | admin (1 lockout) |
| 2.132.70.206 | admin (1 lockout) |
| 188.159.18.51 | admin (1 lockout) |
| 171.5.199.181 | admin (1 lockout) |
| 2.133.66.132 | admin (1 lockout) |
| 41.57.82.12 | it.trend-ai (1 lockout) |
| 41.215.149.137 | admin (1 lockout) |
| 88.204.239.58 | admin (1 lockout) |
| 37.236.114.64 | it.trend-ai (1 lockout) |
| 203.215.65.198 | it.trend-ai (1 lockout), admin (1 lockout) |
| 186.46.154.109 | admin (1 lockout) |
| 201.51.155.33 | {domain} (1 lockout) |
| 115.31.19.88 | admin (1 lockout) |
| 109.67.15.67 | admin (1 lockout) |
| 42.119.224.187 | admin (1 lockout) |
| 203.100.215.44 | admin (1 lockout) |
| 190.37.107.115 | admin (1 lockout) |
| 181.64.138.157 | admin (1 lockout) |
| 106.147.69.99 | admin (1 lockout) |
| 186.101.201.105 | admin (2 lockouts) |
| 124.6.181.182 | admin (1 lockout) |
| 186.44.180.180 | admin (1 lockout) |
| 189.18.241.180 | admin (1 lockout) |
| 218.103.91.245 | admin (2 lockouts) |
| 190.238.26.213 | admin (1 lockout) |
| 190.131.176.27 | admin (1 lockout) |
| 190.37.239.121 | admin (1 lockout) |
| 78.168.17.102 | admin (1 lockout) |
| 189.135.186.170 | admin (1 lockout) |
| 201.240.219.49 | admin (1 lockout) |
| 217.165.128.124 | admin (1 lockout) |
| 189.231.8.163 | admin (1 lockout) |
| 223.204.9.207 | admin (1 lockout) |
| 187.153.194.77 | admin (1 lockout) |
| 41.188.104.129 | admin (1 lockout) |
| 186.101.151.201 | it.trend-ai (1 lockout), admin (1 lockout) |
| 122.196.199.165 | {domain} (1 lockout), admin (1 lockout) |
| 113.53.253.115 | it.trend-ai (1 lockout), admin (1 lockout) |
| 114.159.240.111 | {domain} (1 lockout) |
| 201.141.48.84 | admin (1 lockout) |
| 189.114.54.226 | admin (1 lockout) |
| 91.140.186.226 | admin (1 lockout) |
| 190.214.201.83 | admin (1 lockout) |
| 153.131.87.165 | admin (1 lockout) |
| 185.21.120.43 | it.trend-ai (1 lockout) |
| 186.3.15.10 | admin (1 lockout) |
| 27.142.134.114 | admin (1 lockout) |
| 177.107.32.78 | admin (1 lockout) |
| 115.37.232.206 | admin (1 lockout) |
| 200.110.77.39 | admin (1 lockout) |
| 151.244.1.252 | admin (1 lockout) |
| 189.231.20.217 | admin (1 lockout) |
| 41.98.113.241 | admin (1 lockout) |
| 189.54.41.127 | admin (1 lockout) |
| 217.76.69.123 | admin (1 lockout) |
| 112.209.132.72 | admin (1 lockout) |
別のサイト
| 178.151.216.53 | admin (1 lockout) |
| 94.72.87.134 | lifestyle.trend-ai (1 lockout) |
| 190.73.195.229 | lifestyle.trend-ai (1 lockout) |
| 217.118.79.22 | lifestyle.trend-ai (1 lockout) |
| 112.198.79.27 | lifestyle.trend-ai (1 lockout) |
| 201.157.4.22 | lifestyle.trend-ai (1 lockout) |
| 173.12.49.27 | lifestyle.trend-ai (1 lockout) |
| 94.74.143.198 | lifestyle.trend-ai (1 lockout) |
| 176.222.189.90 | lifestyle.trend-ai (1 lockout) |
| 203.114.107.6 | administrator (1 lockout) |
| 190.254.91.42 | lifestyle.trend-ai (1 lockout) |
| 118.174.147.197 | administrator (1 lockout) |
| 212.76.25.38 | lifestyle.trend-ai (1 lockout) |
| 27.3.64.159 | lifestyle.trend-ai (1 lockout) |
| 89.123.27.131 | admin (1 lockout) |
| 37.191.68.72 | lifestyle.trend-ai (1 lockout) |
| 41.107.239.166 | lifestyle.trend-ai (1 lockout) |
| 190.155.1.187 | administrator (1 lockout) |
| 187.207.3.217 | lifestyle.trend-ai (1 lockout) |
| 118.175.153.228 | administrator (1 lockout) |
| 188.159.143.57 | lifestyle.trend-ai (3 lockouts) |
| 58.26.127.143 | administrator (1 lockout) |
| 190.118.69.100 | lifestyle.trend-ai (1 lockout) |
| 2.187.114.216 | lifestyle.trend-ai (1 lockout) |
| 190.234.181.223 | administrator (1 lockout) |
| 212.112.119.35 | lifestyle.trend-ai (1 lockout) |
| 190.72.14.218 | lifestyle.trend-ai (1 lockout) |
| 95.58.125.58 | administrator (1 lockout) |
| 111.223.97.130 | administrator (2 lockouts) |
| 190.5.60.139 | administrator (1 lockout) |
| 2.187.50.129 | lifestyle.trend-ai (1 lockout) |
| 202.58.85.15 | lifestyle.trend-ai (1 lockout) |
| 202.126.89.177 | administrator (1 lockout) |
| 120.61.13.178 | lifestyle.trend-ai (1 lockout) |
| 92.46.227.41 | administrator (1 lockout) |
| 173.76.247.81 | administrator (1 lockout) |
| 186.5.31.36 | lifestyle.trend-ai (3 lockouts) |
| 2.179.101.9 | lifestyle.trend-ai (1 lockout) |
| 101.51.230.240 | lifestyle.trend-ai (1 lockout) |
| 2.187.99.67 | administrator (1 lockout) |
| 139.190.26.226 | lifestyle.trend-ai (1 lockout) |
| 2.51.4.78 | lifestyle.trend-ai (1 lockout) |
| 207.61.86.5 | lifestyle.trend-ai (1 lockout) |
| 114.79.1.218 | lifestyle.trend-ai (1 lockout) |
