????
Your IP : 3.22.240.164
| Current Path : /nutscripts/ |
|
|
| Current File : //nutscripts/wp-login-watcher.sh |
#!/bin/bash
# @gu1113
email="firewall@servidoraweb.net"
host=`hostname -a`
if [ -f /tmp/wp_login.txt ]; then rm /tmp/wp_login.txt; fi
loadavg=`cat /proc/loadavg | awk '{ print $1 }'`
carga=`echo $loadavg|awk -F \. '{print $1}'`
/usr/bin/lynx -dump -width 500 http://127.0.0.1/whm-server-status | awk '{ print $11,$12,$14 }' | grep -E 'wp-login|xmlrpc|administrator/index.php|component/k2/|plugin_googlemap2_proxy|option=com_k2' | grep -v -E '^152.169|^152.168.|^167.250.|^127|^201|^200|^190|^186|^181|^196.32|^24.|^173.245.4|^173.245.5|^173.245.6|^184.173.219.21|^108.162|^103.31|^104.1|^108.162|^131.0.7|^141.101.|^162.15|^172.64.0|^173.245|^188.114.9|^197.234.24|^198.41|^199.27|^64.76|^66.249|^197.|^179.|^191.8|^168.0|^168.90' | sort | uniq >> /tmp/wp_login.txt
for i in $(cat /tmp/wp_login.txt | awk '{ print $1 }') ; do
pais=`/nutscripts/nut_geoip.sh $i | awk '{ print $2 }' | sed 's/\"//g'`
dominio=`grep $i /tmp/wp_login.txt | awk '{ print $2 }'`
file=`grep $i /tmp/wp_login.txt | awk '{ print $3 }'`
if [[ $pais != *AR* ]] && [[ $pais != *UY* ]] && [[ $pais != *ES* ]] && [[ $pais != *MX* ]] && [[ $pais != *CL* ]] && [[ $(iptables -L -n | grep $i ) == "" ]] && [[ -z `grep $dominio /nutscripts/files/exclude_wp.txt` ]]; then
/usr/sbin/csf -td $i 86400 -p80 "Bloqueado por script wp-login-watcher $dominio $file"
#/bin/mail -s "$host suspencion por 24hs ip: $i dominio: $dominio logueo from: $pais " "$email"
fi;done;