HostDeny z logów Apache'a
#!/bin/sh
RATE_LIMIT="100"
HOSTS_DENY=".htaccess"
LOG="/home/apache_wp/apache_wp/logs/access_log_443"
DT=$(date +%d/%b/%Y:%k:%M)
PERIODIC_LOG="periodic.log"
cat $LOG | grep "$DT" | grep "SomeServletUrl" | cut -d" " -f1 > $PERIODIC_LOG
echo "### Generated at $DT ###">> $HOSTS_DENY
for ip in $(cat $PERIODIC_LOG | sort -u); do
cnt=$(cat $PERIODIC_LOG | grep -c "$ip");
[[ $cnt -gt $RATE_LIMIT ]] || continue;
echo >> $HOSTS_DENY;
echo "# $ip generated $cnt requests above rate limit $RATE_LIMIT" >> $HOSTS_DENY;
echo "Deny from $ip" >> $HOSTS_DENY;
done;
0 komentarze:
Prześlij komentarz