My blog got hacked
I had an experience that made me think hard about WordPress security and really brought home how necessary it is.
Yes: the other day, this blog was hacked.
What happened, what the cause was, and what security measures I took so that the same thing does not happen again: this will be long, but I'm writing it down as a record.
The blog went down without warning
It really was sudden. I received the following email from Xserver, the hosting provider I use.
Thank you very much for using our service.
This is Xserver Customer Support.
We have confirmed that the load placed on the server by your server account was extremely high.
When we checked the running processes at the time of this load increase, a large number of the following unauthorized processes were running.
▼ Unauthorized processes that were running
(processes of cron.php)
In response, our support team carried out a security investigation and found that a program you are using contains a critical security bug (vulnerability), and that it is very likely this vulnerability has been exploited by a third party.
For this reason, although we regret informing you after the fact, we have applied the following restriction as an emergency measure.
▼ Restriction applied by support
・Emergency restriction of web access to the server account in question
※ As a result of the above, web access returns a 403 error.
We took this step to prevent further damage from the "unauthorized access", such as mass sending of spam email or the setting up of phishing sites, and we ask for your understanding.
When I actually tried to access the site, I got a 403 error: the blog was completely down.
What was the cause?
The email from Xserver continued.
▼ Root cause of the unauthorized access
——————————
(1) In a program you are operating, a security problem
⇒ If the program in question is capable of "executing any command", unauthorized commands can be run and unauthorized files placed by way of that program.
(2) The FTP credentials for your server account were leaked and a third party made an unauthorized FTP connection, as a result of which
⇒ Through the FTP operations themselves, starting with file tampering, an arbitrary program can be placed, after which any command can be executed
——————————
In your server account, suspicious FTP access
Also, no suspicious access was observed in this investigation.
If you use a CMS, change its password to a stronger one, and so on.
What I could read from Xserver's reply and my own situation is as follows.
- According to Xserver's email, it was not due to leaked FTP credentials; the cause appears to be that "a program in operation contained a critical, security-relevant bug (vulnerability) and a third party exploited the vulnerability".
- It does not look like the login went through the WordPress dashboard. I use the plugin "SiteGuard WP Plugin", which sends me an email whenever someone logs in.
- The site already had SSL, and WordPress was on the latest version.
- Because I live overseas, I had turned OFF the "dashboard access / REST API access restriction" in Xserver's "WordPressセキュリティ設定" (WordPress security settings).
- Because I live overseas and use the editor "MarsEdit", I had also turned OFF the "XML-RPC API access restriction" in the same settings (xmlrpc.php is one of the WordPress files most often targeted by attacks).
- I was using the free theme "Xeory Base" and had about 15 plugins installed. The list of unauthorized files in the log included "/xeory_base/functions.php" and "/plugins/wp-social-bookmarking-light".
What?! I had no idea anything like this was happening……! Come to think of it, living overseas or not, I had weakened the security myself by allowing access from outside Japan…… I brought this on myself……?!
So I reflected hard on it, restored the site, and worked out security measures.
Thank goodness I had at least kept a backup……
The hard parts of restoring the site
Deleting all data on the domain
The instructions from Xserver were pretty demanding.
Also, because of how such a program works, file operations (placing and editing files) can be performed on higher-level folders as well.
For this reason, in order to lift the suspension, we ask that you delete not only the detected unauthorized files but every file in the entire server account.
This is a measure to prevent damage from unauthorized access and its recurrence. We ask for your understanding.
If you have any questions, please feel free to contact us.
Patiently reconfiguring and restoring the site
From here on it was slow, unglamorous restoration work. I'll briefly list the steps as a memo for Xserver users.
- Following Xserver's instructions, deleted all custom domains. Initialized the default domain. Checked via FTP that no stray files remained. Everything was wiped clean, with no data left at all.
- Contacted Xserver. Their support is solid, so they got back to me the next day and, for the time being, lifted the 403 error.
- Reconfigured the domain. Accessing the site then showed this page.
- Installed WordPress. In Xserver's server panel I chose "WordPress簡単インストール" (WordPress quick install) from the left menu and patiently entered the required details. Under "データベース" (database) at the bottom, trying to use the database I had been using gave an error: it said to specify an empty database, so I reluctantly specified a new one. Afterwards I swapped in only the database settings in wp-config.php.
  If anyone knows a better way to do this part, please tell me……. If, like me, you never wrote down the database password, you can change it in Xserver's server panel via "MySQL設定" (MySQL settings) → "MySQLユーザ一覧" (MySQL user list).
- Once WordPress was installed, I opened the backup and put the necessary files back via FTP. From the "wp-content" and "wp-includes" folders I restored only what was needed: the theme, plugins, image data and so on.
  Thank goodness I had at least kept a backup…… (second time).
- At that point the site restoration was finally complete. But security, the root cause, still had to be dealt with separately.
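Two points above call for a way to tell exactly which files changed: the unauthorized-file list named a theme's functions.php and a plugin directory, and the restore step copied themes and plugins back from a backup. As an added example, not from the original post or from Xserver, the script below builds a SHA-256 manifest of a WordPress tree and compares a later snapshot against it; the directory layout and file contents it uses are constructed for the demo. Run against a freshly installed tree, or against a backup before restoring it, it turns "everything looks normal" into a concrete list of added, removed and modified paths.

```shell
#!/bin/sh
# Added example: SHA-256 baseline and verification of a WordPress tree.
# Not from the original post or from Xserver; paths and contents below are constructed.

# Print "hash  path" for one file, using whichever SHA-256 tool is installed.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1"
    else
        shasum -a 256 "$1"
    fi
}

# Manifest of every regular file under $1 as relative paths, sorted so that
# two manifests of identical trees compare line for line.
wp_baseline() {
    ( cd "$1" && find . -type f -print | LC_ALL=C sort | while IFS= read -r f; do
          hash_file "$f"
      done )
}

# Compare a saved baseline ($1) with the tree at $2. Prints one line per
# difference, tagged ADDED, REMOVED or MODIFIED, and nothing when the tree is clean.
wp_verify() {
    baseline=$1
    current=$(mktemp)
    wp_baseline "$2" > "$current"
    awk '
        # Strip the hash and the separator ("  " or " *") to get the path.
        function path(line) { sub(/^[0-9a-f]+ [ *]/, "", line); return line }
        NR == FNR { base[path($0)] = $1; next }
        { cur[path($0)] = $1 }
        END {
            for (p in base) if (!(p in cur)) print "REMOVED " p
            for (p in cur) if (!(p in base)) print "ADDED " p
            for (p in cur) if ((p in base) && base[p] != cur[p]) print "MODIFIED " p
        }' "$baseline" "$current" | LC_ALL=C sort
    rm -f "$current"
}

# Constructed demo: a toy tree with the two paths named in the incident log,
# a baseline, then a theme edit and a new file dropped into a plugin directory.
demo() {
    tmp=$(mktemp -d)
    theme=$tmp/wp-content/themes/xeory_base
    plugin=$tmp/wp-content/plugins/wp-social-bookmarking-light
    mkdir -p "$theme" "$plugin"
    printf '<?php // theme functions (constructed)\n' > "$theme/functions.php"
    printf '<?php // plugin entry point (constructed)\n' > "$plugin/index.php"
    wp_baseline "$tmp" > "$tmp.baseline"

    # Simulated tampering: append to functions.php, add an unexpected file.
    printf '// line appended after the baseline\n' >> "$theme/functions.php"
    printf '<?php // unexpected file (constructed)\n' > "$plugin/extra.php"

    wp_verify "$tmp.baseline" "$tmp"
    rm -rf "$tmp" "$tmp.baseline"
}

demo
```

Store the baseline somewhere the web account cannot write to (it is only useful if an intruder who can edit functions.php cannot also edit the manifest), and re-run wp_verify from cron so that a change like the one in the incident is reported the same day rather than when the host suspends the account.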
What I did to harden the WordPress site's security
Starting from the obvious, I went through checks and did whatever came to mind.
- Changed the WordPress password to an even stronger one. Including FTP and other passwords, changed everything that looked weak or was reused.
- Confirmed that the WordPress version is the latest and turned automatic updates On.
- Checked "php.ini設定" (php.ini settings) in Xserver's server panel. Xserver's email strongly recommends turning these settings OFF when running PHP programs, so I confirmed that both "allow_url_fopen" and "allow_url_include" are "無効（Off）" (disabled).
- Installed the WordPress security plugin "SiteGuard WP Plugin" and changed the login page: instead of anyone being able to reach it at "<site name>/wp-admin/", a separate login URL is now issued.
- In addition, installed the security plugin "miniOrange 2 Factor Authentication" and set up two-step verification for the WordPress admin.
- Reviewed plugins. I had more than 15 installed, and the more plugins there are, the more room there is for vulnerabilities. In my case I solved this by switching from the free theme to the paid theme "THE・THOR(ザ・トール)". Turned automatic updates On for the plugins I kept. ※ This decision actually turned out far better than expected. Honestly, thanks to THE THOR, many of my site-management headaches disappeared and I can concentrate on content. The only plugins I have now are the security plugins above, anti-spam, backup, image optimization and the like: just a handful.
- In the security settings of the paid theme "THE・THOR(ザ・トール)", configured the WordPress login screen to accept an email address instead of the user ID (login IDs are actually easy to guess).
- Painful for someone living overseas, but I switched every overseas-IP access restriction in Xserver's "WordPressセキュリティ設定" (WordPress security settings) to On. If you live in Japan and do not use an editor such as MarsEdit, there is no need to turn these settings Off in the first place.
- That said, if you live overseas, doing this locks you out of your own site. The workaround is to exempt an individual IP address (only your own) from the restriction, which lets you keep the setting On and still get in from abroad. This article was a great help for the details.
- With the XML-RPC API access restriction back On, MarsEdit can no longer be used. It let me edit the blog offline at full speed, so it was a big help when I started this blog and when I was working while flying around the world, but with the effects of the coronavirus I currently have no need to work offline. For now I leave the access restriction On and write in the WordPress editor. The standard editor occasionally throws up unexpected bugs, though, so I'm thinking about doing something about that in future.
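The php.ini item in the list above is worth re-checking after any panel change, and it has a trap: PHP's built-in default for allow_url_fopen is On, so a php.ini that simply omits the line is not hardened, while allow_url_include defaults to Off. As an added example, not from the original post or from Xserver's panel, the shell functions below read a php.ini the way PHP does for these two directives (comments after ";", case-insensitive names, last assignment wins, the various spellings of "off") and report whether each is effectively Off; the sample ini contents are constructed.

```shell
#!/bin/sh
# Added example: audit php.ini for the two directives the post keeps Off.
# Not from the original post or Xserver's panel; sample ini contents are constructed.

# Effective value ("on" or "off") of directive $2 in php.ini file $1.
# $3 is PHP's built-in default, used when the directive is absent.
# Mirrors how PHP reads these keys: ';' starts a comment, names are
# case-insensitive, the last assignment wins, and Off/0/false/no/none or an
# empty value mean disabled; anything else enables the directive.
php_ini_value() {
    file=$1 key=$2 default=$3
    raw=$(sed 's/;.*$//' "$file" | awk -F= -v k="$key" '
        {
            name = $1; gsub(/^[ \t]+|[ \t]+$/, "", name)
            if (tolower(name) == k) {
                val = $2; gsub(/^[ \t]+|[ \t]+$/, "", val); gsub(/^"|"$/, "", val)
                found = 1
            }
        }
        END { if (found) print "found " val }')
    case $raw in
        "") echo "$default" ;;                       # absent: PHP default applies
        *)
            v=$(printf '%s' "${raw#found }" | tr 'A-Z' 'a-z')
            case $v in
                ""|0|off|false|no|none) echo off ;;
                *) echo on ;;
            esac ;;
    esac
}

# Check both directives; print a line per directive and return 0 only when
# both are effectively Off.
php_ini_check() {
    rc=0
    for spec in allow_url_fopen:on allow_url_include:off; do
        key=${spec%%:*}; default=${spec#*:}
        v=$(php_ini_value "$1" "$key" "$default")
        if [ "$v" = off ]; then
            echo "$key = Off  (ok)"
        else
            echo "$key = On   (should be Off)"
            rc=1
        fi
    done
    return $rc
}

# Constructed demo: a file that looks harmless but only comments out
# allow_url_include and never mentions allow_url_fopen (so it is On by default),
# and a hardened file with both directives Off in the forms PHP accepts.
demo() {
    weak=$(mktemp); hard=$(mktemp)
    printf '%s\n' '[PHP]' 'display_errors = Off' ';allow_url_include = Off' > "$weak"
    printf '%s\n' '[PHP]' 'Allow_URL_fopen = Off' 'allow_url_include = "0"' > "$hard"
    echo "-- weak php.ini";     php_ini_check "$weak" || echo "   result: FAIL"
    echo "-- hardened php.ini"; php_ini_check "$hard" && echo "   result: PASS"
    rm -f "$weak" "$hard"
}

demo
```

On a shared host where php.ini is edited through a panel, point php_ini_check at the file the panel writes (or at the output of `php --ini`) rather than trusting the panel's summary; the "weak" file in the demo passes a quick visual glance and still fails the check.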
- Forcing SSL site-wide.
- From Xserver's "SSL設定" (SSL settings), chose "独自SSL設定追加" (add custom SSL).
- To make the site always "https://～" (always-on SSL), you need to edit .htaccess. See below.
When the custom SSL setup has just completed, requests are not yet automatically redirected to the "https://～" URL.
To serve everything on the website over SSL, add the following under ".htaccess編集" (edit .htaccess):
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

If accessing an "http://～" URL now automatically redirects to the "https://～" URL, the setup is complete.
Source: https://www.xserver.ne.jp/manual/man_server_fullssl.php
Thoughts on having been a hacking target
- Security measures are a must when running a WordPress blog. Do them before you get hacked.
- Backups for when the worst happens matter (third time).
There is a lot about it that makes me glad I took the plunge and bought it. What was especially good is that I almost never need to edit PHP or CSS directly any more, so I can concentrate on writing. The current design is one of THE THOR's templates, customized entirely in the UI without touching a line of code. The number of plugins dropped to less than half, and my security worries with it.
If you are thinking about switching from a free theme to a paid one, or are just curious, do take a look.
See the official The Thor (ザ・トール) site
▼ A more detailed review of The Thor (ザ・トール) is here ▼
WordPress theme "The Thor (ザ・トール)" review! The pros and cons I honestly felt after actually using it on this site, and who it's for