Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
honeypot log in nginx?
« previous
next »
Print
Pages: [
1
]
Author
Topic: honeypot log in nginx? (Read 1192 times)
ferrets
Newbie
Posts: 3
Karma: 0
honeypot log in nginx?
«
on:
January 25, 2023, 02:50:36 pm »
Hi, everyone:
I've found some interesting settings in the nginx plugins, which is called "honeypot". If any ip had visited this location, the source ip will be added to the nginx_block_list, and that's a great feature.
But after some ips get blocked, there will be no access/error log in the webgui. How can I get the info about what the bad guys did? e.g. hostname, url, timestamp, action, etc.
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: honeypot log in nginx?
«
Reply #1 on:
January 25, 2023, 08:26:19 pm »
Hi.
not for now - premanent ban log is deleted when processed by autoban script.
only the ban timestamp is available at Services: Nginx: Banned.
i think its a nice idea to add a choice for (a second) permanent ban log.
Logged
ferrets
Newbie
Posts: 3
Karma: 0
Re: honeypot log in nginx?
«
Reply #2 on:
January 30, 2023, 07:20:59 am »
It should be possible to have to copies of logs, because I can read logs from webgui of OPNsense and syslog server at the same time.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
honeypot log in nginx?