lesstif/generate-nginx-blacklist-from-error-logfile.sh

## generate-nginx-blacklist-from-error-logfile.sh
#!/bin/bash

TMP1=/tmp/tmp-black-list

NGINX_LOG=/var/log/nginx/error.log

grep '.php\|.cfg' ${NGINX_LOG} | grep -E -o  "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sort | uniq | awk '{print "deny "$0";"}' > ${TMP1}

## copy original block ips file
D=$(date '+%Y-%m-%d')

BACKUP=/tmp/blockips-${D}.conf
BLOCKIPS=/etc/nginx/blockips.conf

cp ${BLOCKIPS} ${BACKUP}

## merge 2 files while removing duplicates
## https://unix.stackexchange.com/questions/50103/merge-two-lists-while-removing-duplicates
sort -u ${TMP1} ${BACKUP} > ${BLOCKIPS}

nginx -t

if [ $? == 0 ];then
    systemctl restart nginx;
else
    echo "nginx -t failed";
fi


## nginx.conf
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    ## do something...

    ### add this
    include /etc/nginx/blockips.conf;
}
	#!/bin/bash

	TMP1=/tmp/tmp-black-list

	NGINX_LOG=/var/log/nginx/error.log

	grep '.php\\|.cfg' ${NGINX_LOG} \| grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}" \| sort \| uniq \| awk '{print "deny "$0";"}' > ${TMP1}

	## copy original block ips file
	D=$(date '+%Y-%m-%d')

	BACKUP=/tmp/blockips-${D}.conf
	BLOCKIPS=/etc/nginx/blockips.conf

	cp ${BLOCKIPS} ${BACKUP}

	## merge 2 files while removing duplicates
	## https://unix.stackexchange.com/questions/50103/merge-two-lists-while-removing-duplicates
	sort -u ${TMP1} ${BACKUP} > ${BLOCKIPS}

	nginx -t

	if [ $? == 0 ];then
	systemctl restart nginx;
	else
	echo "nginx -t failed";
	fi
	http {
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	## do something...

	### add this
	include /etc/nginx/blockips.conf;
	}