有人发出了一些wp wlwmanifest.xml http请求,但是为什么呢?
有人发出了一些wp wlwmanifest.xml http请求,但是为什么呢?
提问于 2021-06-03 05:21:12
这是一个奇怪的问题。有人刚刚向我的服务器发出了以下HTTP请求:
127.0.0.1 - - [02/Jun/2021 15:28:00] "GET //wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:00] "GET //xmlrpc.php?rsd HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:00] "GET / HTTP/1.0" 200 -
127.0.0.1 - - [02/Jun/2021 15:28:00] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:00] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //news/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //test/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //media/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:01] "GET //site/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:02] "GET //cms/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -
127.0.0.1 - - [02/Jun/2021 15:28:02] "GET //sito/wp-includes/wlwmanifest.xml HTTP/1.0" 404 -有人知道为什么有人会尝试这个吗?我知道这与WordPress有关(我不使用/已经安装了它),但我仍然想知道为什么有人会试图发出这些请求。
太感谢了,朱尔斯
附注:服务器说它来自localhost,但那是因为它通过Nginx
回答 2
Stack Overflow用户
发布于 2021-09-14 20:48:48
今天也收到了同样的请求,没有安装Wordpress。我猜是某种扫描仪。它查询多个位置
/wp2/wp-includes/wlwmanifest.xml
/site/wp-includes/wlwmanifest.xml
/cms/wp-includes/wlwmanifest.xml
/sito/wp-includes/wlwmanifest.xml
/shop/wp-includes/wlwmanifest.xml
/xmlrpc.php
etc.从多个位置查询。新加坡,美国,南非,澳大利亚,印度。这会持续一整天,并且在每一轮扫描后切换位置。不应该假设任何不好的东西,但也不符合dirbuster/gobuster的模式。
用户代理始终为:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
我还收到了一些来自同一个用户代理的不同查询:
/aaa9
/aad7有什么值得关注的吗,或者只是机器人就是机器人?
Stack Overflow用户
发布于 2022-02-22 15:34:54
这很常见。今天,世界上超过40%的互联网流量是机器人,25%是恶意机器人。它们只是不断地在尽可能多的索引域中寻找可能的安全漏洞的机器人,以便危害网站。有一些工具可以帮助您检测这些请求并采取行动。例如fail2ban。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/67812746
复制相关文章
相似问题
腾讯云开发者
