Failed login records since 2016 on CYBER-NEURONES:
Here is the list of IPs (to be blacklisted):
The best approach is to filter everything coming from China … misery.
So I did the update:

The latest version will probably let me stop using WordFence; it makes it possible to secure the site:

The interface is really simple to understand …

To be continued!
Install Joplin (https://joplin.cozic.net) and start the REST API. (Easy)
Step 1: Put this script in a folder.
Step 2: Edit the script and put in your token.
Step 3: Run the script.
The script:
#
# Version 1
# for Python 3
#
# ARIAS Frederic
# Sorry ... It's difficult for me the python :)
#
import calendar
import json
import sys

import feedparser
import requests

# Joplin REST API endpoint and token
ip = "127.0.0.1"
port = "41184"
token = "Put your token here"
headers = {'Content-type': 'application/json', 'Accept': 'text/plain'}
base_url = "http://" + ip + ":" + port
url_notes = base_url + "/notes?token=" + token
url_folders = base_url + "/folders?token=" + token
url_tags = base_url + "/tags?token=" + token
url_resources = base_url + "/resources?token=" + token

# Init: create the notebook that will receive the imported posts
Wordpress_UID = "12345678901234567801234567890123"
payload = {
    "id": Wordpress_UID,
    "title": "Wordpress Import"
}

try:
    resp = requests.post(url_folders, data=json.dumps(payload, separators=(',', ':')),
                         headers=headers, timeout=30)
    resp.raise_for_status()
    resp_dict = resp.json()
    print(resp_dict)
    print("My ID")
    print(resp_dict['id'])
    Wordpress_UID_real = resp_dict['id']
except requests.exceptions.HTTPError as e:
    # Without the notebook id nothing can be imported, so stop here
    sys.exit("Bad HTTP status code: " + str(e))
except requests.exceptions.RequestException as e:
    sys.exit("Network error: " + str(e))

# Walk the paginated feed (WordPress numbers feed pages from 1) until a page is empty
numero = 0
nb_entries = 1
nb_metadata_import = 1

while nb_entries > 0:
    numero += 1
    print("----- Page ", numero, "-------")
    url = "https://www.cyber-neurones.org/feed/?paged=" + str(numero)
    feed = feedparser.parse(url)
    nb_entries = len(feed.entries)
    for entry in feed.entries:
        nb_metadata_import += 1
        my_title = entry.title
        my_link = entry.link
        article_published_at = entry.published  # Unicode string
        article_author = entry.get("author", "")
        # published_parsed is a UTC struct_time; Joplin expects milliseconds since the epoch
        timestamp = calendar.timegm(entry.published_parsed) * 1000
        print("Published at " + article_published_at)
        my_body = entry.description
        payload_note = {
            "parent_id": Wordpress_UID_real,
            "title": my_title,
            "source": "Wordpress",
            "source_url": my_link,
            "order": nb_metadata_import,
            "user_created_time": timestamp,
            "user_updated_time": timestamp,
            "author": article_author,
            "body_html": my_body
        }
        payload_note_put = {
            "source": "Wordpress",
            "order": nb_metadata_import,
            "source_url": my_link,
            "user_created_time": timestamp,
            "user_updated_time": timestamp,
            "author": article_author
        }

        # Create the note
        try:
            resp = requests.post(url_notes, json=payload_note, timeout=30)
            resp.raise_for_status()
            resp_dict = resp.json()
            print(resp_dict)
            print(resp_dict['id'])
            myuid = resp_dict['id']
        except requests.exceptions.HTTPError as e:
            print("Bad HTTP status code:", e)
            continue  # no note id, so there is nothing to update
        except requests.exceptions.RequestException as e:
            print("Network error:", e)
            continue

        # Update the metadata of the note that was just created
        url_notes_put = base_url + "/notes/" + myuid + "?token=" + token
        try:
            resp = requests.put(url_notes_put, json=payload_note_put, timeout=30)
            resp.raise_for_status()
            resp_dict = resp.json()
            print(resp_dict)
        except requests.exceptions.HTTPError as e:
            print("Bad HTTP status code:", e)
        except requests.exceptions.RequestException as e:
            print("Network error:", e)
Read the article: https://www.developpez.com/actu/240529/WordPress-le-nombre-de-vulnerabilites-a-triple-en-2018-une-etude-pointe-du-doigt-les-plugins-comme-la-principale-source-des-failles-du-CMS/ : WordPress: the number of vulnerabilities tripled in 2018
A study points to plugins as the main source of the CMS's flaws
Nothing to report … no problem.
Here is the list of IPs that I have blocked completely, too many attacks:
It was the day of injection attacks (Canada, Vietnam, Russian Federation):
Application Firewall has blocked 180 attacks over the last 10 minutes. Below is a sample of these recent attacks:
octobre 29, 2018 12:49 192.99.63.202 (Canada) Blocked for SQL Injection in query string: lang=eo1111111111111" UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81
Web Application Firewall has blocked 110 attacks over the last 10 minutes. Below is a sample of these recent attacks:
octobre 29, 2018 1:02 112.78.5.70 (Vietnam) Blocked for SQL Injection in query string: lang=eo1111111111111' UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81
octobre 29, 2018 1:01 112.78.5.70 (Vietnam) Blocked for SQL Injection in query string: lang=eo1111111111111' UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81
octobre 29, 2018 1:01 112.78.5.70 (Vietnam) Blocked for SQL Injection in query string: lang=eo1111111111111' UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45) -- /* order by 'as
Web Application Firewall has blocked 182 attacks over the last 10 minutes. Below is a sample of these recent attacks:
octobre 29, 2018 1:06 112.78.5.70 (Vietnam) Blocked for SQL Injection in query string: lang=eo1111111111111" UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81
Web Application Firewall has blocked 203 attacks over the last 10 minutes. Below is a sample of these recent attacks:
octobre 29, 2018 1:17 81.177.135.161 (Russian Federation) Blocked for SQL Injection in query string: lang=eo" or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(
octobre 29, 2018 1:17 81.177.135.161 (Russian Federation) Blocked for SQL Injection in query string: lang=eo' or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(
octobre 29, 2018 1:17 81.177.135.161 (Russian Federation) Blocked for SQL Injection in query string: lang=eo or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(C
octobre 29, 2018 1:17 81.177.135.161 (Russian Federation) Blocked for SQL Injection in query string: lang=eo' And SLeep(3) UniON SEleCT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,2
octobre 29, 2018 1:16 81.177.135.161 (Russian Federation) Blocked for SQL Injection in query string: lang=eo1111111111111" UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81
octobre 29, 2018 1:15 81.177.135.161 (Russian Federation) Blocked for SQL Injection in query string: lang=eo1111111111111" UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81
Misery.
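An added example, not part of the original post and not the firewall's own code: a small Python parser for alert lines in the format quoted above. It counts hits per source IP, tags the injection technique, and decodes complete CHAR(...) calls, which are the marker strings a scanner looks for in the response. The line layout in the regex, the function names and the documentation IP addresses in the sample are assumptions.

```python
import re

# Constructed sample in the alert format quoted above (documentation IPs, payloads truncated as in the alerts).
SAMPLE = """\
Web Application Firewall has blocked 203 attacks over the last 10 minutes. Below is a sample of these recent attacks:
octobre 29, 2018 12:49 198.51.100.7 (Canada) Blocked for SQL Injection in query string: lang=eo1111111111111" UNION SELECT CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81
octobre 29, 2018 1:17 203.0.113.9 (Russian Federation) Blocked for SQL Injection in query string: lang=eo' And SLeep(3) UniON SEleCT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,2
octobre 29, 2018 1:17 203.0.113.9 (Russian Federation) Blocked for SQL Injection in query string: lang=eo" or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(
"""

# Assumed layout: "<date> <time> <ip> (<country>) Blocked for <rule> in query string: <param>=<value>"
LINE = re.compile(
    r"^\S+ \d+, \d{4} \d+:\d+ (?P<ip>\d+(?:\.\d+){3}) \([^)]*\) "
    r"Blocked for (?P<rule>.+?) in query string: (?P<param>[^=]+)=(?P<value>.*)$")
CHAR_CALL = re.compile(r"CHAR\((\d+(?:,\d+)*)\)", re.I)
TECHNIQUES = {
    "union": re.compile(r"union\s+select", re.I),
    "time-based": re.compile(r"\b(?:sleep|benchmark)\s*\(", re.I),
    "name_const": re.compile(r"name_const\s*\(", re.I),
}

def decode_markers(value):
    """Decode complete CHAR(n,...) calls; a truncated trailing call is ignored."""
    return ["".join(chr(int(n)) for n in args.split(","))
            for args in CHAR_CALL.findall(value)]

def summarise(text):
    """Return ({ip: stats}, unparsed_line_count) for a block of alert lines."""
    report, unparsed = {}, 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE.match(line.strip())
        if not m:
            unparsed += 1  # headers and anything not in the assumed layout
            continue
        stats = report.setdefault(
            m["ip"], {"hits": 0, "params": set(), "techniques": set(), "markers": set()})
        stats["hits"] += 1
        stats["params"].add(m["param"])
        stats["techniques"].update(
            name for name, rx in TECHNIQUES.items() if rx.search(m["value"]))
        stats["markers"].update(decode_markers(m["value"]))
    return report, unparsed

if __name__ == "__main__":
    for ip, stats in summarise(SAMPLE)[0].items():
        print(ip, stats["hits"], sorted(stats["techniques"]), sorted(stats["markers"]))
```

The same marker string showing up from several source addresses indicates one scanning tool behind them, and the set of targeted parameters shows which input to review in the application.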
I made a short selection:
So I ran a test with the one that seems to me to be the best: Blog booker: https://www.blogbooker.com/export_wordpress.php .
The first step is to do an XML export:
The file is 35 MB for my complete blog.
The second phase is over here: https://www.blogbooker.com/wordpress.php :
Installing a plugin written in Python: https://github.com/arthur-debert/munin-httpresponse-plugin/blob/master/httpresponsetime
$ sudo vi /usr/share/munin/plugins/httpresponsetime
-> Copy the script in.
$ sudo ln -s /usr/share/munin/plugins/httpresponsetime /etc/munin/plugins/httpresponsetime
$ sudo chmod +x /usr/share/munin/plugins/httpresponsetime /etc/munin/plugins/httpresponsetime
$ sudo apt-get install python-setuptools python-dev build-essential
$ sudo easy_install pip
$ sudo pip install httplib2
Add to the file:
$ sudo vi /etc/munin/plugin-conf.d/munin-node
...
[httpresponsetime]
env.urls https://www.cyber-neurones.org
...
Then restart:
$ sudo munin-node-configure --shell
$ sudo service munin-node restart
And here is the result: