\n\u3000\u03c3(^^)\u304c\u7ba1\u7406\u3057\u3066\u308bMovableType\u30b5\u30fc\u30d0\u30fc\uff12\u53f0\u304c\u3001\u3068\u304d\u3069\u304d\u30cf\u30f3\u30b0\u30a2\u30c3\u30d7\u3057\u305f\u3088\u3046\u306b\u7121\u53cd\u5fdc\u306b\u306a\u308b\u3053\u3068\u304c\u6642\u3005\u3042\u308a\u307e\u3057\u3066\u3001top\u306b\u3088\u308b\u3068mt-tb.cgi\u304c\u539f\u56e0\u307d\u3044\u3002\u3064\u307e\u308a\u3001\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u51e6\u7406\u3067\u30ea\u30bd\u30fc\u30b9\u304c\u98df\u3044\u3064\u3076\u3055\u308c\u3066\u3044\u308b\u3068\u3044\u3046\u3053\u3068\u3067\u3059\u306d\u3002\n<\/p>\n
\n\u3000spam\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u306e\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u81ea\u4f53\u306fMT\u5185\u8535\u6a5f\u80fd\u3067\u307b\u307c\u89e3\u6c7a\u3067\u304d\u308b\u3093\u3067\u3059\u304c\u3001\u3053\u306e\u51e6\u7406\u81ea\u4f53\u304c\u91cd\u3059\u304e\u3066\u3001\u5c71\u306e\u3088\u3046\u306b\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u304c\u6765\u305f\u5834\u5408\u306bDoS\u72b6\u614b\u306b\u306a\u3063\u3066\u3057\u307e\u3046\u8a33\u3067\u3059\u3002\n<\/p>\n
\n\u3000\u305d\u3053\u3067Apache\u30ec\u30d9\u30eb\u3067\u7279\u5b9a\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u6392\u9664\u3067\u304d\u308bmod_security\u3092\u5c0e\u5165\u3057\u3066\u307f\u307e\u3057\u305f\u30021.8\/1.9\u7cfb\u306e\u8a2d\u5b9a\u4f8b\u306f\u305f\u304f\u3055\u3093\u898b\u3064\u304b\u308b\u3093\u3067\u3059\u304c\u3001\u8a2d\u5b9a\u6587\u6cd5\u304c\u307e\u308b\u3063\u3068\u5909\u66f4\u3055\u308c\u305f2.x\u7cfb\u306e\u60c5\u5831\u306f\u898b\u3064\u304b\u3089\u305a\u82e6\u52b4\u3057\u307e\u3057\u305f\u3002\u306a\u306b\u3082\u8003\u3048\u305a\u306b\u6700\u65b0\u7248\u3092\u5c0e\u5165\u3057\u3066\u3057\u307e\u3063\u305f…\n<\/p>\n
\n\u3000\u3068\u308a\u3042\u3048\u305a\u8a2d\u5b9a\u3057\u3066\u307f\u305f\u3063\u3066\u6bb5\u968e\u3067\u3059\u304c\u3001\u899a\u3048\u66f8\u304d\u3057\u3066\u304a\u304d\u307e\u3059\u3002\n<\/p>\n
\n\u3000\u30a6\u30c1\u306e\u74b0\u5883\u3060\u3068\u3001mod_unique_id\u306f\u5c0e\u5165\u6e08\u307f\u3067\u3057\u305f\u3002libxml2\u306flibxml2-devel\u30d1\u30c3\u30b1\u30fc\u30b8\u307e\u3067\u5165\u308c\u3066\u304a\u304f\u5fc5\u8981\u304c\u3042\u308b\u307f\u305f\u3044\u3067\u3059\u3002\n<\/p>\n
\n\u3000\u3067\u3001\u5f8c\u306f\u30a2\u30fc\u30ab\u30a4\u30d6\u3092\u5c55\u958b\u3057\u3001Makefile\u5185\u306etop_dir = \u884c\u306b\u3001httpd.conf\u306eServer root\u3067\u6307\u5b9a\u3057\u3066\u3042\u308b\u30d1\u30b9\u3092\u8a18\u5165\u3057\u3001make\u3001make install\u3057\u307e\u3059\u3002\n<\/p>\n
\n\u3000Apache\u5074\u306e\u8a2d\u5b9a\u3068\u3057\u3066\u3001httpd.conf\u306e\u7136\u308b\u3079\u304d\u5834\u6240\u306b\u3001\n<\/p>\n
\nLoadFile \/usr\/lib\/libxml2.so\n<\/p>\n
\nLoadModule unique_id_module modules\/mod_unique_id.so
\nLoadModule security2_module modules\/mod_security2.so\n<\/p>\n
\n \u3092\u8a18\u5165\u3057\u307e\u3059\u3002\n<\/p>\n
\n\u3000\u516c\u5f0f\u30b5\u30a4\u30c8\u306b\u306f\u3001USER-AGENT\u3084IP\u30a2\u30c9\u30ec\u30b9\u306a\u3069\u306e\u30d6\u30e9\u30c3\u30af\u30ea\u30b9\u30c8\u3092\u5b9a\u7fa9\u3057\u305f\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u304c\u8272\u3005\u7f6e\u304b\u308c\u3066\u3044\u307e\u3059\u304c\u3001\u3053\u306e\u624b\u306f\u6700\u65b0\u7248\u3092\u5165\u308c\u7d9a\u3051\u306a\u3044\u3068\u52b9\u679c\u304c\u8584\u305d\u3046\u3060\u3057\u3001\u30eb\u30c3\u30af\u30a2\u30c3\u30d7\u306e\u8ca0\u8377\u3082\u5927\u304d\u305d\u3046\u306a\u306e\u3067\u3001\u3068\u308a\u3042\u3048\u305a\u65e5\u672c\u306e\u7686\u3055\u3093\u304c\u3084\u3089\u308c\u3066\u3044\u308b\u300c\u65e5\u672c\u8a9e\uff08\uff12\u30d0\u30a4\u30c8\u6587\u5b57\uff09\u3092\u542b\u307e\u306a\u3044\u3082\u306e\u3092\u5f3e\u304f\u300d\u3068\u3044\u3046\u30a2\u30d7\u30ed\u30fc\u30c1\u3092\u63a1\u3063\u3066\u307f\u307e\u3059\u3002\n<\/p>\n
\n\u3000\u5177\u4f53\u7684\u306a\u8a2d\u5b9a\u306f\u3001\u540c\u3058\u304fhttpd.conf\u3067\u3001\n<\/p>\n
\n<Files “mt-tb.cgi”>
\n SecRuleEngine On
\n SecRequestBodyAccess On
\n SecDefaultAction deny,log,status:406,phase:2,t:urldecode
\n SecRule REQUEST_BODY “^[\\x00-\\x7F]+$”
\n SecAuditEngine On
\n SecAuditLog \/var\/log\/httpd\/mod_security.log
\n<\/Files>\n<\/p>\n
\n\u3068\u3057\u3066\u307f\u307e\u3057\u305f\u3002Files\u30c7\u30a3\u30ec\u30af\u30c6\u30a3\u30d6\u3067\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u7528\u30b9\u30af\u30ea\u30d7\u30c8\u306b\u3060\u3051\u50cd\u304f\u3088\u3046\u306b\u6307\u5b9a\u3057\u3066\u3044\u307e\u3059\u30021.x\u7cfb\u304b\u3089\u5909\u66f4\u306b\u306a\u3063\u305f\u30b3\u30de\u30f3\u30c9\u540d\u3060\u3051\u3092\u66f8\u304d\u63db\u3048\u308b\u3060\u3051\u3067\u306f\u4e0a\u624b\u304f\u3044\u304b\u305a\u8a66\u884c\u932f\u8aa4\u3057\u305f\u3093\u3067\u3059\u304c\u3001\u3069\u3046\u3084\u3089SecDefaultAction\u306bt:urlencode\u3092\u8ffd\u52a0\u3057\u305f\u3089\u4e0a\u624b\u304f\u3044\u3063\u305f\u3063\u307d\u3044\u3067\u3059\u3002\n<\/p>\n
\n\u3000\u52d5\u4f5c\u8a66\u9a13\u3057\u3088\u3046\u306b\u3082\u3001\u30a6\u30c1\u306e\u30d6\u30ed\u30b0\u306f\u30d6\u30ed\u30b0\u540d\u304c\u65e5\u672c\u8a9e\u306a\u306e\u3067\u3001 \u4e00\u6642\u7684\u306b\n<\/p>\n
\nSecRule ARGS:excerpt “^[\\x00-\\x7F]+$”\n<\/p>\n
\n \u306e\u3088\u3046\u306b\u3001POST\u30c7\u30fc\u30bf\u306e\u5185\u3001excerpt\uff08\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u3067\u9001\u3089\u308c\u308b\u6982\u8981\uff09\u306e\u307f\u3092\u691c\u67fb\u5bfe\u8c61\u306b\u3057\u3001\u672c\u6587\u306b\u65e5\u672c\u8a9e\u3092\u542b\u3080\u30a8\u30f3\u30c8\u30ea\u3068\u542b\u307e\u306a\u3044\u30a8\u30f3\u30c8\u30ea\u304b\u3089\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u3057\u3066\u307f\u305f\u3068\u3053\u308d\u3001\u4e00\u5fdc\u5f8c\u8005\u306e\u307f\u304c\u5f3e\u304b\u308c\u307e\u3057\u305f\u3002\n<\/p>\n
\n\u3000\u3053\u308c\u3067\u3057\u3070\u3089\u304f\u69d8\u5b50\u3092\u898b\u3066\u307f\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002\n<\/p>\n
\n\u3000\u304c\u3001\u3057\u304b\u3057\u672c\u30d6\u30ed\u30b0\u306b\u95a2\u3057\u3066\u306f\u305d\u3082\u305d\u3082\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u304c\u6b63\u3057\u304f\u53d7\u4fe1\u3067\u304d\u306a\u3044\u554f\u984c\u304c\u767a\u899a\u3057\u307e\u3057\u305f\u3002\u5225\u9014\u539f\u56e0\u7a76\u660e\u3057\u306a\u3044\u3068…\n<\/p>\n
\n\u3000\u3068\u3082\u3042\u308c\u3001\u3053\u306emod_security\u306f\u304b\u306a\u308a\u67d4\u8edf\u306b\u30ec\u30b7\u30d4\u304c\u66f8\u3051\u308b\u306e\u3067\u3001Web\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\u306b\u8272\u3005\u3068\u6d3b\u7528\u3067\u304d\u305d\u3046\u3067\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u3000\u03c3(^^)\u304c\u7ba1\u7406\u3057\u3066\u308bMovableType\u30b5\u30fc\u30d0\u30fc\uff12\u53f0\u304c\u3001\u3068\u304d\u3069\u304d\u30cf\u30f3\u30b0\u30a2\u30c3\u30d7\u3057\u305f\u3088\u3046\u306b\u7121\u53cd\u5fdc\u306b\u306a\u308b\u3053\u3068\u304c\u6642\u3005\u3042\u308a\u307e\u3057\u3066\u3001top\u306b\u3088\u308b\u3068mt-tb.cgi\u304c\u539f\u56e0\u307d\u3044\u3002\u3064\u307e\u308a\u3001\u30c8\u30e9\u30c3\u30af\u30d0\u30c3\u30af\u51e6\u7406\u3067\u30ea\u30bd\u30fc\u30b9\u304c\u98df\u3044\u3064\u3076\u3055\u308c […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-842","post","type-post","status-publish","format-standard","hentry","category-cat79"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/posts\/842","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/comments?post=842"}],"version-history":[{"count":0,"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/posts\/842\/revisions"}],"wp:attachment":[{"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/media?parent=842"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/categories?post=842"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/do-gugan.com\/~furuta\/wp-json\/wp\/v2\/tags?post=842"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}