I had no idea we were being attacked this much...

This happened while I was looking through the access log of our website server...

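Within the same time window, in fact within a few seconds, requests from a single source were producing such an enormous number of 404 (file does not exist) codes that it looked like an all-out attack.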

I looked through it, half impressed that anyone had managed to collect this many website addresses.

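Put the other way around, though, it also began to look like a message: do not use addresses that can be guessed like these. So I will introduce some of those addresses here.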

If you are about to build a website, or already operate one, and any of the following addresses is used for an admin screen, an admin file, or a test address, I recommend changing it.

Here is a portion of the addresses that were attacked.




If any of these addresses apply to you, please consider changing them.
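
The pattern described above (a flood of 404 responses to a single source within a few seconds) can be flagged automatically from the access log. The following is an added example, not part of the original post: it assumes the Apache/nginx common log format, the threshold and window values are arbitrary choices, and the sample log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: Apache/nginx common log format (client, time, request, status).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def find_404_bursts(lines, threshold=5, window_seconds=10):
    """Map each client to its peak count of distinct 404 paths inside one
    sliding window, for clients that reach `threshold`. Lines must be in
    time order, as they are in an access log."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # client -> (time, path) of recent 404s
    peaks = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["status"] != "404":
            continue  # skip unparsable lines and non-404 responses
        when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append((when, m["path"]))
        while when - q[0][0] > window:  # drop hits older than the window
            q.popleft()
        distinct = len({path for _, path in q})
        if distinct >= threshold:
            peaks[m["ip"]] = max(peaks.get(m["ip"], 0), distinct)
    return peaks

# Constructed sample log (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = """\
198.51.100.20 - - [12/May/2019:03:14:05 +0900] "GET /index.html HTTP/1.1" 200 5120
203.0.113.7 - - [12/May/2019:03:14:07 +0900] "GET /.env HTTP/1.1" 404 209
203.0.113.7 - - [12/May/2019:03:14:07 +0900] "GET /phpmyadmin/index.php HTTP/1.1" 404 209
203.0.113.7 - - [12/May/2019:03:14:08 +0900] "GET /pma/index.php HTTP/1.1" 404 209
203.0.113.7 - - [12/May/2019:03:14:08 +0900] "GET /wp-login.php HTTP/1.1" 404 209
198.51.100.20 - - [12/May/2019:03:14:08 +0900] "GET /old-page.html HTTP/1.1" 404 209
203.0.113.7 - - [12/May/2019:03:14:09 +0900] "GET /config.php HTTP/1.1" 404 209
203.0.113.7 - - [12/May/2019:03:14:09 +0900] "GET /shell.php HTTP/1.1" 404 209
192.0.2.9 - - [12/May/2019:03:20:00 +0900] "GET /favicon.ico HTTP/1.1" 404 209
192.0.2.9 - - [12/May/2019:03:25:00 +0900] "GET /robots.txt HTTP/1.1" 404 209
""".splitlines()

if __name__ == "__main__":
    print(find_404_bursts(SAMPLE_LOG))  # {'203.0.113.7': 6}
```

Counting distinct paths rather than raw hits keeps a visitor who reloads one broken link from being flagged, while a scanner walking a list of guessed addresses stands out at once.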