A
A
aroun2016-10-06 04:58:59
linux
aroun, 2016-10-06 04:58:59

How to write a regular expression for ispmanager?

Greetings,
I want to close the admin panel, there are a lot of instructions on the Internet, only they are designed for the fact that the panel gives something that falls under the regular season:
<HOST>s+nobodys+auth
Meanwhile, the panel in ispmgr.journal does not give anything at all, in ispmgr.log something like this:

Oct  6 04:56:36 [3260:41305] backtrace EXTINFO ??? (lib/libmgr.so.5.72.2 + 0x0) [*0x7f9bca870dc5]
Oct  6 04:56:36 [3260:41305] backtrace EXTINFO ??? (/lib64/libpthread.so.0 + 0x0) [*0x7f9bca59dced]
Oct  6 04:56:36 [3260:41305] backtrace EXTINFO ??? (/lib64/libc.so.6 + 0x6d) [*(nil)]
Oct  6 04:56:36 [3260:41305] libmgr ERROR Error: Type: 'auth' Object: 'badpassword' Value: ''
Oct  6 04:56:36 [3260:41305] action EXTINFO Get message for error in action 'auth' for level 0
Oct  6 04:56:36 [3260:41305] action EXTINFO Get message for error in action 'mgrerror_auth' for level 0
Oct  6 04:56:36 [3260:41305] action EXTINFO Get message for error in action 'msgerror' for level 0
Oct  6 04:56:36 [3260:41305] core WARNING 0x7f9ba02078b0 Restart request
Oct  6 04:56:36 [3260:41305] libmgr EXTINFO Start thread
Oct  6 04:56:36 [3260:41306] core_module INFO Request [10.10.10.10][] 'func=logon&lang=ru&username=213'
Oct  6 04:56:36 [3260:41305] libmgr EXTINFO Thread d5fae2226db005cf finished
Oct  6 04:56:36 [3260:41306] libmgr EXTINFO Thread e297fc44755a3347 finished

and in ihttpd.log
Oct  6 04:57:54 [2509:1] main WARNING Cross-origin request from 'https://46.254.21.156:1500' denied
Oct  6 04:57:54 [2509:1] main INFO Request: /manimg/orion/default/main.css GET HTTP/1.1
Oct  6 04:57:54 [2509:1] main EXTINFO 0xf01ea0 add connection 8 form 95.31.7.56:59372
Oct  6 04:57:54 [2509:1] main INFO Request: /manimg/orion/lib/libs.min.js GET HTTP/1.1
Oct  6 04:57:54 [2509:1] main EXTINFO 0xf01ea0 add connection 9 form 95.31.7.56:59373
Oct  6 04:57:54 [2509:1] main INFO Request: /manimg/orion/utils.min.js GET HTTP/1.1
Oct  6 04:57:54 [2509:1] main INFO Request: /manimg/common/passwd.list GET HTTP/1.1

Help write a regular expression for the last option, it will come in handy for everyone)

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Artem Pastukhov, 2016-10-13
@past

I would put a bunch of ispmanager fail2ban

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question