Created
June 12, 2024 00:49
-
-
Save snapo/076f350d10f90ca2567937f24502d0e2 to your computer and use it in GitHub Desktop.
ufw block automatic IP's that are infected and create high cpu useage and always request the same wp-json even it dosent exist....
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Path to the access log file | |
ACCESS_LOG="access.log" | |
# Path to the file that will store unique IP addresses | |
IP_LIST="ip_list.txt" | |
# Function to extract IP addresses and add them to the IP list | |
extract_ips() { | |
echo "Extracting IP addresses from $ACCESS_LOG..." | |
# Extract IP addresses and append to the IP_LIST file | |
awk '/wp-json/ {print $1}' "$ACCESS_LOG" >> "$IP_LIST" | |
# Sort and remove duplicates | |
sort -u -o "$IP_LIST" "$IP_LIST" | |
echo "Unique IP addresses written to $IP_LIST" | |
} | |
# Function to add unique IP addresses to the UFW deny list | |
block_ips() { | |
echo "Adding unique IP addresses to the UFW deny list..." | |
# Reset UFW rules | |
ufw --force reset | |
echo "Reset UFW firewall done..." | |
ufw default deny incoming | |
# Add deny rules for IP addresses | |
while read -r ip; do | |
ufw deny from "$ip" | |
echo "Blocked IP address: $ip" | |
done < "$IP_LIST" | |
# Add allow rules for ports 22 and 80 first | |
ufw allow 22/tcp | |
echo "Allowed port: 22/tcp" | |
ufw allow 80/tcp | |
echo "Allowed port: 80/tcp" | |
# Enable UFW without prompting for confirmation | |
ufw --force enable | |
} | |
# Check if the access log file exists | |
if [ -f "$ACCESS_LOG" ]; then | |
echo "Monitoring $ACCESS_LOG for /wp-json/ requests..." | |
# Extract IP addresses from the log file | |
extract_ips | |
# Block unique IP addresses | |
block_ips | |
else | |
echo "Error: $ACCESS_LOG not found in the current directory." | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment