Still working hard to keep my server security locked down from attacks.
This script checks lighttpd logfile for unusual behaviour
Script to monitor and block IPs spaming in varios ways my Word Press and SQUID Server
Update 07/2016
tested on Centos/RedHat/LinuxAMI and lighttpd/squid with iptables
Just add to crontab like crontab -e
*/30 * * * * /usr/bin/block_ips.sh >> /var/log/lighttpd/blockips.log
PREREQ:
lighttpd
ipset
iptables
Here is the script:
Here is the script: