33 lines
1.1 KiB
Bash
33 lines
1.1 KiB
Bash
|
#!/bin/bash
|
||
|
|
# Real-time Log Monitor for QBPOS Help Website
|
||
|
|
# Shows recent attacks, blocked IPs, and suspicious activity
|
||
|
|
|
||
|
|
echo "=== QBPOS Help Website Security Monitor ==="
|
||
|
|
echo "Date: $(date)"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Show fail2ban status
|
||
|
|
echo "--- Fail2ban Status ---"
|
||
|
|
sudo fail2ban-client status nginx-badbots 2>/dev/null | grep "Total banned" || echo "No bans yet"
|
||
|
|
sudo fail2ban-client status nginx-noproxy 2>/dev/null | grep "Total banned" || echo "No proxy attacks"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Show recent blocked IPs
|
||
|
|
echo "--- Recently Blocked IPs (last 24h) ---"
|
||
|
|
sudo grep "Ban" /var/log/fail2ban.log 2>/dev/null | tail -10 || echo "No recent bans"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Show suspicious access attempts
|
||
|
|
echo "--- Suspicious Access Attempts (last 100) ---"
|
||
|
|
tail -100 /var/log/nginx/qbpos-access.log | grep -E "\.\.\/|\.php|\.asp|admin|wp-|sqlmap" | tail -5 || echo "No suspicious activity"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Show recent 404 errors
|
||
|
|
echo "--- Recent 404 Errors ---"
|
||
|
|
tail -100 /var/log/nginx/qbpos-access.log | grep " 404 " | tail -5 || echo "No 404 errors"
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Show error log
|
||
|
|
echo "--- Recent Errors ---"
|
||
|
|
tail -10 /var/log/nginx/qbpos-error.log 2>/dev/null || echo "No recent errors"
|