Here's a command using which you can find out what IPs are accessing your http server Apache most from its log file.
cat log | grep "GET /" | awk '{print $1}' | sort | uniq -c | sort -rn | less
It is useful in a case of DDoS attack, when you want to know these IPs and ban them in your firewall.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment