CHips L MINI SHELL

CHips L pro

Current Path : /proc/self/root/proc/2/cwd/proc/2/cwd/usr/lib64/nagios/plugins/
Upload File :
Current File : //proc/self/root/proc/2/cwd/proc/2/cwd/usr/lib64/nagios/plugins/check_accesslog_cpanel.sh

#!/bin/bash
##############################################################
# Icinga MailQ alert for Access log audit for POST requests in cPanel servers.    #
# Author : Priya Agni                                                                                                     #
##############################################################

ACCESSLOG=$(for i in `find  /home/*/access-logs/ -type f ! -name "ftp.*" -mmin -70 `; do awk -v DATE=$(date +"%d.%b.%Y:%H" -d "1 hour ago") '$4~DATE && $6~/"POST/ && $7!~/admin-ajax.php|wp-cron.php/ &&  $9~200 {print FILENAME}' $i|sort |uniq -c; done |sort -n |awk 'BEGIN { ORS=", " }; {if($1>100) {split($2,domain,"/"); print domain[5]}}')

if [[ -n "$ACCESSLOG" ]]; then
        echo "WARNING: Too many POST requests to : $ACCESSLOG" 
        exit 1
else
        echo "OK: Normal POST requests to domains!"
        exit 0
fi

Copyright 2K16 - 2K18 Indonesian Hacker Rulez