Closed

Log file analyzer and take action based on frequency of event

This project was awarded to onlymaj for $75 USD.

Get free quotes for a project like this
Employer working
Awarded to:
Skills Required
Project Budget
$30 - $35 USD
Total Bids
3
Project Description

I am looking for a very simple PHP script that will be executed via a cron job once per minute to identify if someone is spamming (think DoS attack) my site causing high load and needs to be blocked.

The script will first check the current load of the server (1 min). If the load is over the threshold (say [url removed, login to view], but make it a variable) then the next step is to l read an nginx access log file, which I will provide a sample of. I then need to count the number of times an IP address appears in the log over a set period of time (in seconds). I am unsure of this figure, so it needs to be configurable as a variable in the script.

If the log file contains too many matches (IP address is occurring too often in the log within a certain time period) then I need an exec() command issued, which is basically a command of: ufw insert 1 deny from . I then need the output of that command captured and emailed to me along with the gzip'd log file using php mail.

The log file is standard nginx access log format. I can provide a snippet.

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online