????
Current Path : /proc/322915/root/proc/329612/root/nutscripts/ |
Current File : //proc/322915/root/proc/329612/root/nutscripts/wp-login-watcher.sh |
#!/bin/bash # @gu1113 email="firewall@servidoraweb.net" host=`hostname -a` if [ -f /tmp/wp_login.txt ]; then rm /tmp/wp_login.txt; fi loadavg=`cat /proc/loadavg | awk '{ print $1 }'` carga=`echo $loadavg|awk -F \. '{print $1}'` /usr/bin/lynx -dump -width 500 http://127.0.0.1/whm-server-status | awk '{ print $11,$12,$14 }' | grep -E 'wp-login|xmlrpc|administrator/index.php|component/k2/|plugin_googlemap2_proxy|option=com_k2' | grep -v -E '^152.169|^152.168.|^167.250.|^127|^201|^200|^190|^186|^181|^196.32|^24.|^173.245.4|^173.245.5|^173.245.6|^184.173.219.21|^108.162|^103.31|^104.1|^108.162|^131.0.7|^141.101.|^162.15|^172.64.0|^173.245|^188.114.9|^197.234.24|^198.41|^199.27|^64.76|^66.249|^197.|^179.|^191.8|^168.0|^168.90' | sort | uniq >> /tmp/wp_login.txt for i in $(cat /tmp/wp_login.txt | awk '{ print $1 }') ; do pais=`/nutscripts/nut_geoip.sh $i | awk '{ print $2 }' | sed 's/\"//g'` dominio=`grep $i /tmp/wp_login.txt | awk '{ print $2 }'` file=`grep $i /tmp/wp_login.txt | awk '{ print $3 }'` if [[ $pais != *AR* ]] && [[ $pais != *UY* ]] && [[ $pais != *ES* ]] && [[ $pais != *MX* ]] && [[ $pais != *CL* ]] && [[ $(iptables -L -n | grep $i ) == "" ]] && [[ -z `grep $dominio /nutscripts/files/exclude_wp.txt` ]]; then /usr/sbin/csf -td $i 86400 -p80 "Bloqueado por script wp-login-watcher $dominio $file" #/bin/mail -s "$host suspencion por 24hs ip: $i dominio: $dominio logueo from: $pais " "$email" fi;done;