@thedod
Created August 19, 2010 12:27
Hit parade. Go over access_log to see what IPs are DoSing your site

Hit Parade – find out who’s DoSing your site

This script goes over web server log files and sorts IP numbers by number of hits.[1]

Once you know which IP numbers are causing trouble, you can ask your system administrator to block them. In some cases you might even have a way to block specific IP numbers from a web-based control panel.

Another (less efficient, but sometimes practical) way is to block those IP numbers in your .htaccess file like this:

order allow,deny
deny from 123.45.6.7
deny from …
allow from all

Instructions:

  • You need to have Python installed on your machine. On most modern platforms (including many phones) it already is, but if you have Windows, ActiveState Python seems to be less of a hassle to work with than the python.org distribution (or so they say).
  • Have your log files in the current folder (e.g. log1.log log2.log …). If you have them as .gz files, decompress them first.
  • From the command line, run python hitparade.py log1.log log2.log ... (if you’re using ActiveState Python on Windows, type hitparade.py log1.log log2.log ... in the cmd window).

Feel free to change PARADE_SIZE (currently 20).

Good luck,
@TheRealDod


[1] All web hosts let you retrieve your site’s access logs via a web-based control panel, sftp, etc. hitparade.py doesn’t need to run on the server (some hosts might not let you do that). It can run on your own computer after fetching your site’s access log to your hard drive.

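# hitparade.py (Python 3)
PARADE_SIZE = 20  # how many top IPs to list per log file

def doit():
    import sys
    if len(sys.argv) < 2:
        sys.stderr.write('Usage: python {0} access1.log [access2.log [...]]\n'.format(
            len(sys.argv) and sys.argv[0] or '<program>'))
        sys.exit(1)
    for logfile in sys.argv[1:]:
        print('-- {0} --'.format(logfile))
        hits = {}  # IP -> number of hits in this file
        # Logs can contain bytes that are not valid text, so don't fail on them
        with open(logfile, errors='replace') as f:
            for line in f:
                # The client address is the first space-separated field
                ip = line.split(' ', 1)[0]
                hits[ip] = hits.get(ip, 0) + 1
        # Sort by hit count, highest first
        parade = [(hits[ip], ip) for ip in hits]
        parade.sort()
        parade.reverse()
        for p in parade[:PARADE_SIZE]:
            print("{1: >15}: {0: >6}".format(*p))

if __name__ == '__main__':
    doit()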
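Added example (not part of the original gist): the code below joins the counting step to the .htaccess step described above, accepting a log line's first field only if it parses as an IP address before writing it into a deny line. The names count_hits, deny_block, threshold and never_block, and the sample log lines, are assumptions made for this example.

```python
import ipaddress
from collections import Counter

# Constructed sample (Common Log Format, documentation address ranges).
SAMPLE_LOG = """\
203.0.113.9 - - [19/Aug/2010:12:00:01 +0000] "GET / HTTP/1.1" 200 512
203.0.113.9 - - [19/Aug/2010:12:00:01 +0000] "GET / HTTP/1.1" 200 512
203.0.113.9 - - [19/Aug/2010:12:00:02 +0000] "GET / HTTP/1.1" 200 512
198.51.100.4 - - [19/Aug/2010:12:00:03 +0000] "GET /about HTTP/1.1" 200 900
2001:db8::7 - - [19/Aug/2010:12:00:04 +0000] "GET / HTTP/1.1" 200 512
2001:db8::7 - - [19/Aug/2010:12:00:05 +0000] "GET / HTTP/1.1" 200 512
crawler.example.net - - [19/Aug/2010:12:00:06 +0000] "GET / HTTP/1.1" 200 512
"""


def count_hits(lines):
    """Count hits per client; return (Counter, number of lines skipped)."""
    hits, skipped = Counter(), 0
    for line in lines:
        fields = line.split(None, 1)
        try:
            # Only a field that parses as IPv4/IPv6 is counted, so hostnames
            # and malformed lines can never end up in the generated config.
            ip = ipaddress.ip_address(fields[0])
        except (IndexError, ValueError):
            skipped += 1
            continue
        hits[str(ip)] += 1  # str() gives one canonical spelling per address
    return hits, skipped


def deny_block(hits, threshold, never_block=()):
    """Build the page's .htaccess block for clients with >= threshold hits."""
    # never_block (hypothetical parameter): your own addresses, monitoring, etc.
    keep = {str(ipaddress.ip_address(a)) for a in never_block}
    # Same directive style as the page's snippet (Apache 2.2 access control;
    # Apache 2.4 provides it through mod_access_compat).
    out = ["order allow,deny"]
    for ip, n in hits.most_common():  # highest hit count first
        if n >= threshold and ip not in keep:
            out.append("deny from {0}".format(ip))
    out.append("allow from all")
    return "\n".join(out)


if __name__ == "__main__":
    hits, skipped = count_hits(SAMPLE_LOG.splitlines())
    print(deny_block(hits, threshold=2, never_block=["198.51.100.4"]))
    print("# skipped {0} line(s) without a valid IP".format(skipped))
```

Review the generated lines before pasting them into .htaccess; a busy proxy or your own office address can top the list as easily as an abusive client.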