Monthly Ranking of Unauthorized Access Attempts Against WordPress (2020)
2020.09.10
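Prologue
This is a ranking of roughly the top 10 entries, taken from logs recorded by the WordPress plugin "Activity Log" and filtered on the conditions below. Kept as a personal memo.
Note that the tallying is done rather lazily and on a whim, so it may not be much of a reference. Please bear that in mind.
- Author: unknown
- Action: Wrong Password
2020
2020 summary
Each list is filtered to entries with 100 or more attempts.
The data is kept in my personal Excel sheet, so there may be errors; treat it as a rough reference only.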
| ID | Count |
|---|---|
| admin | 70166 |
| www.bambiman.com | 8672 |
| [login] | 4550 |
| bambiman | 3556 |
| tipiusang | 1604 |
| mangaagata1gmail-com | 1059 |
| vpnlike | 828 |
| dantel | 828 |
| dist_admin | 823 |
| vagner-baggio | 823 |
| vitaalveld | 823 |
| nir | 823 |
| wpengine | 823 |
| tani | 823 |
| ilovebengals | 823 |
| altrumedia | 483 |
| vellebelle | 483 |
| carmen | 483 |
| luizapleite | 483 |
| namibmab | 396 |
| jajhns10 | 327 |
| NoneNone | 263 |
| administrator | 255 |
| stevan | 252 |
| jwaddy | 252 |
| sangitaiyer | 252 |
| yoneteam | 252 |
| gbnews-admin | 252 |
| むちぼん | 124 |
| adam-p-anczykowski | 111 |
December
| IP address | Attempts |
|---|---|
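| Total (including addresses outside the ranking) | 17622 |
Observations
The count is an anticlimax that makes me wonder what November's surge was all about.
The IDs tried are as follows.
| ID | Count |
|---|---|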
| admin | 11933 |
| [login] | 1202 |
| wpengine | 823 |
| nir | 823 |
| tani | 823 |
| bambiman | 669 |
| jwaddy | 252 |
| sangitaiyer | 252 |
| yoneteam | 252 |
| NoneNone | 247 |
| tamilan | 60 |
| test | 10 |
| demo | 6 |
| TaoTronicsのサポートとひと悶着したお話 | 3 |
| garak | 3 |
| adminnistrator | 3 |
| adminisstrator | 3 |
| 0x1999 | 3 |
| むちぼん | 3 |
| 123456 | 3 |
| indoxploit | 3 |
| schatzi | 2 |
| test1 | 2 |
| guest | 2 |
| wpupdateuser | 2 |
| tester | 2 |
| testuser | 2 |
| testing | 2 |
| editor | 2 |
| dexter | 2 |
| badmin | 2 |
| magico | 2 |
| mark | 2 |
| mike | 2 |
| user | 1 |
| lucas | 1 |
| xrumertest | 1 |
| useradmin | 1 |
| AnonymousFox | 1 |
| kenneth | 1 |
| root | 1 |
November
| IP address | Attempts |
|---|---|
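| Total (including addresses outside the ranking) | 23354 |
Observations
Perhaps because one particular article gets a steady stream of views, the count rose overwhelmingly.
The IDs tried are as follows.
| ID | Count |
|---|---|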
| admin | 19993 |
| bambiman | 942 |
| ilovebengals | 823 |
| [login] | 647 |
| namibmab | 396 |
| administrator | 252 |
| stevan | 252 |
| NoneNone | 16 |
| むちぼん | 12 |
October
| IP address | Attempts |
|---|---|
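| Total (including addresses outside the ranking) | 16854 |
Observations
Up by a little over 3,000 from last month.
Incidentally, as of 11/24, when I am updating this article, November's count already exceeds 20,000, so the trend is upward every month. (November's figures will be added in December.)
Managing a website is hard work, isn't it. (A grade-schooler's impression.)
Around the turn of the year I would like to try applying various restrictions with Cloudflare's WAF; I am looking forward to seeing what effect it has.
The list of IDs tried is as follows.
| ID | Count |
|---|---|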
| admin | 15815 |
| [login] | 651 |
| test | 40 |
| bambiman | 30 |
| demo | 13 |
| test1 | 8 |
| user | 8 |
| testuser | 7 |
| editor | 6 |
| むちぼん | 6 |
| test2 | 5 |
| testing | 5 |
| admin2 | 5 |
| root | 5 |
| 123 | 4 |
| tester | 4 |
| teste | 4 |
| guest | 4 |
| administrator | 3 |
| prueba | 3 |
| alex | 3 |
| 123456 | 3 |
| test123 | 3 |
| depper | 3 |
| username | 3 |
| master | 2 |
| 12345 | 2 |
| private | 2 |
| 1234567890 | 2 |
| david | 2 |
| deneme | 2 |
| nicole | 2 |
| badmin | 2 |
| pruebas | 2 |
| dev | 2 |
| a | 2 |
| dummy | 2 |
| marketing | 2 |
| duozhandian | 2 |
| michellie | 2 |
| editeur | 2 |
| port | 2 |
| admin1 | 2 |
| cristina | 2 |
| administrador | 2 |
| review | 2 |
| antonio | 2 |
| support | 2 |
| client | 2 |
| customer | 2 |
| thomas | 2 |
| aaa | 2 |
| agent | 2 |
| waimao2020 | 2 |
| testtest | 2 |
| marco | 2 |
| toto | 2 |
| maria | 2 |
| anna | 2 |
| mark | 2 |
| manager | 2 |
| wpxml | 2 |
| webadmin | 1 |
| subscriber | 1 |
| redattore | 1 |
| deleteme | 1 |
| a1 | 1 |
| adm | 1 |
| preview | 1 |
| ahmad | 1 |
| sarah | 1 |
| alandoeagency | 1 |
| test1234 | 1 |
| alberto | 1 |
| admins | 1 |
| dexter | 1 |
| paul | 1 |
| admin1234 | 1 |
| behomeagency | 1 |
| am2studio | 1 |
| rtiop | 1 |
| andrea | 1 |
| shivi | 1 |
| andrew | 1 |
| 0x1999 | 1 |
| education | 1 |
| clearsense | 1 |
| epper | 1 |
| trollet | 1 |
| esra | 1 |
| visitante | 1 |
| first | 1 |
| wpmod | 1 |
| fiverr | 1 |
| plan-cul-suisse | 1 |
| garak | 1 |
| adminisstrator | 1 |
| gary | 1 |
| qwer0304 | 1 |
| gaya | 1 |
| robert | 1 |
| geed123 | 1 |
| sadmin | 1 |
| george | 1 |
| sergio | 1 |
| golden | 1 |
| steve | 1 |
| andy | 1 |
| bonnie | 1 |
| hameconage | 1 |
| brain | 1 |
| hello | 1 |
| test3 | 1 |
| henry | 1 |
| admin_rtv | 1 |
| homework | 1 |
| tom | 1 |
| hxyuri46 | 1 |
| user1 | 1 |
| indoxploit | 1 |
| utente | 1 |
| info | 1 |
| daniel | 1 |
| iphone | 1 |
| wordpress | 1 |
| james | 1 |
| admixas | 1 |
| jason | 1 |
| plan-cul-region | 1 |
| jbadmin | 1 |
| az | 1 |
| jessicorn | 1 |
| price | 1 |
| jetair | 1 |
| admin_rt | 1 |
| john | 1 |
| quantri | 1 |
| youstkatmtc | 1 |
| redaktor | 1 |
| 1 | 1 |
| belgique-rencontre | 1 |
| jsjobs_jobseeker | 1 |
| bob | 1 |
| wpupdateuser | 1 |
| s | 1 |
| xrumertest | 1 |
| salope-region | 1 |
| abc | 1 |
| school | 1 |
| lol | 1 |
| sexe-suisse | 1 |
| magico | 1 |
| staff | 1 |
| mahi | 1 |
| student1 | 1 |
| malivai | 1 |
| suisse-rencontre | 1 |
| [email protected] | 1 |
| technician | 1 |
| admina | 1 |
| test01 | 1 |
| arsalan | 1 |
| carlos | 1 |
| marina | 1 |
| carpetsdubai | 1 |
| arthur | 1 |
| chynna | 1 |
| asdasd | 1 |
| testeur | 1 |
| ashish | 1 |
| cliente | 1 |
| melih | 1 |
| coke | 1 |
| member | 1 |
| contenter | 1 |
| michael | 1 |
| adminkoi | 1 |
| avant | 1 |
| user2 | 1 |
| mike | 1 |
| usuario | 1 |
| monica | 1 |
| vendor | 1 |
| newsreport | 1 |
| visiteur | 1 |
| ayunnina | 1 |
| wasimabbas | 1 |
| nokhbegan | 1 |
| weekevent | 1 |
| ofekino | 1 |
| wpg56uest2 | 1 |
| operator | 1 |
| wp-sys-admin | 1 |
| partner | 1 |
| patricia | 1 |
| killo | 1 |
| xxx | 1 |
| laura | 1 |
| lisa | 1 |
| jordi | 1 |
| jsjobs_employer | 1 |
September
| IP address | Attempts |
|---|---|
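| Total (including addresses outside the ranking) | 13135 |
Observations
The total was more than double the previous month's. Three IP addresses made the ranking again following last month; perhaps they belong to a European ISP?
A big difference from last month is that the variety of IDs used in the attempts increased.
| ID | Count |
|---|---|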
| admin | 850 |
| [login] | 208 |
| test | 19 |
| demo | 8 |
| むちぼん | 6 |
| user | 5 |
| test1 | 4 |
| testuser | 4 |
| editor | 3 |
| root | 3 |
| admin2 | 3 |
| guest | 2 |
| administrador | 2 |
| duozhandian | 2 |
| teste | 2 |
| test2 | 2 |
| testing | 2 |
| prueba | 2 |
| alex | 2 |
| manager | 2 |
| wpxml | 2 |
| 123 | 2 |
| plan-cul-region | 1 |
| alberto | 1 |
| sarah | 1 |
| am2studio | 1 |
| marketing | 1 |
| andrew | 1 |
| redattore | 1 |
| andy | 1 |
| admins | 1 |
| anna | 1 |
| wordpress | 1 |
| antonio | 1 |
| nicole | 1 |
| arsalan | 1 |
| private | 1 |
| asdasd | 1 |
| rtiop | 1 |
| avant | 1 |
| 12345 | 1 |
| ayunnina | 1 |
| agent | 1 |
| az | 1 |
| waimao2020 | 1 |
| badmin | 1 |
| 123456 | 1 |
| belgique-rencontre | 1 |
| michellie | 1 |
| bonnie | 1 |
| operator | 1 |
| brain | 1 |
| port | 1 |
| clearsense | 1 |
| pruebas | 1 |
| client | 1 |
| robert | 1 |
| contenter | 1 |
| sadmin | 1 |
| cristina | 1 |
| steve | 1 |
| customer | 1 |
| test123 | 1 |
| daniel | 1 |
| admixas | 1 |
| david | 1 |
| toto | 1 |
| deleteme | 1 |
| vendor | 1 |
| 1234567890 | 1 |
| webadmin | 1 |
| deneme | 1 |
| wpmod | 1 |
| depper | 1 |
| mark | 1 |
| dexter | 1 |
| master | 1 |
| dummy | 1 |
| newsreport | 1 |
| admin_rt | 1 |
| ofekino | 1 |
| editeur | 1 |
| partner | 1 |
| admin_rtv | 1 |
| plan-cul-suisse | 1 |
| education | 1 |
| price | 1 |
| epper | 1 |
| adminisstrator | 1 |
| fiverr | 1 |
| redaktor | 1 |
| garak | 1 |
| review | 1 |
| gaya | 1 |
| adm | 1 |
| geed123 | 1 |
| s | 1 |
| george | 1 |
| salope-region | 1 |
| golden | 1 |
| sexe-suisse | 1 |
| admin1 | 1 |
| suisse-rencontre | 1 |
| iphone | 1 |
| administrator | 1 |
| james | 1 |
| adminkoi | 1 |
| jason | 1 |
| tester | 1 |
| youstkatmtc | 1 |
| testtest | 1 |
| admin1234 | 1 |
| thomas | 1 |
| xrumertest | 1 |
| trollet | 1 |
| john | 1 |
| username | 1 |
| killo | 1 |
| visitante | 1 |
| lisa | 1 |
| wasimabbas | 1 |
| mahi | 1 |
| weekevent | 1 |
| aaa | 1 |
| wpg56uest2 | 1 |
| marco | 1 |
| wp-sys-admin | 1 |
| maria | 1 |
| marina | 1 |
| a | 1 |
| jetair | 1 |
| jbadmin | 1 |
| jessicorn | 1 |
| Total | 1246 |
Reverse brute force? The lesson is not to use easily guessed ID names.
Even so, I wonder under what conditions Jetpack's "Blocked malicious login attempts" counter increments.
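
The filter-and-rank step from the prologue, combined with a per-IP check for the many-IDs pattern questioned above, as an added example (not the author's Excel workflow and not the plugin's own code). The CSV column names, the thresholds and the sample rows are assumptions; the rows are constructed and use documentation-range IP addresses.

```python
import csv
import io
from collections import Counter, defaultdict

def sample_export():
    """Constructed log export; column names are assumptions, IPs are RFC 5737 test addresses."""
    rows = ["date,author,ip,action,label"]
    rows += ["2020-09-01,unknown,192.0.2.10,Wrong Password,admin"] * 6
    rows += [f"2020-09-02,unknown,198.51.100.7,Wrong Password,{u}"
             for u in ("test", "demo", "user", "editor", "root")]
    rows += ["2020-09-03,unknown,203.0.113.5,Wrong Password,admin",
             "2020-09-03,siteowner,203.0.113.5,Logged In,siteowner"]
    return "\n".join(rows)

def failed_logins(csv_text):
    """Yield (ip, tried_id) for rows matching the article's filter."""
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["author"] == "unknown" and row["action"] == "Wrong Password":
            yield row["ip"], row["label"]

def summarize(csv_text, top=10):
    """Return (top IPs, top IDs, {ip: set of IDs tried})."""
    by_ip, by_id, ids_per_ip = Counter(), Counter(), defaultdict(set)
    for ip, tried in failed_logins(csv_text):
        by_ip[ip] += 1
        by_id[tried] += 1
        ids_per_ip[ip].add(tried)
    return by_ip.most_common(top), by_id.most_common(top), ids_per_ip

def classify(attempts, distinct_ids, min_attempts=5):
    """Rough per-IP label; thresholds are illustrative assumptions.
    The log has no password field, so 'many-ids' is only consistent
    with reverse brute force, not proof of it."""
    if attempts < min_attempts:
        return "low-volume"          # e.g. a legitimate user's typos
    if distinct_ids / attempts >= 0.5:
        return "many-ids"            # many IDs, few tries each
    return "single-id-guessing"      # many passwords against one or few IDs

def report(csv_text):
    """Return ({ip: (attempts, label)}, top IDs) for the filtered rows."""
    top_ips, top_ids, ids_per_ip = summarize(csv_text)
    return {ip: (n, classify(n, len(ids_per_ip[ip]))) for ip, n in top_ips}, top_ids

if __name__ == "__main__":
    per_ip, top_ids = report(sample_export())
    for ip, (n, label) in per_ip.items():
        print(f"{ip:15} {n:5} {label}")
    print(top_ids[:3])
```
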
August
| IP address | Attempts |
|---|---|
| Author's home IP (just typos) | 4 |
| Total (including addresses outside the ranking) | 5573 |