Shell Script List All Top IP Address Accessing Apache / Lighttpd Web Server

Posted on in Categories Web Server last updated December 30, 2008

How do I run this script?

Simply run it as follows:
./script nixcraft.com
Sample output (1st coloum is counter and 2nd is IP address):

You can block all spammers and content scrappers bots using Linux iptables or BSD pf firewall itself.

9 comment

  1. The sort on ip’s is alphabetic which is not quite right for looking at the numbered segments. so your script only works because the second sort is working on the count produced by uniq -c. Is the first sort even needed?

  2. I think you should pipe the output of the report generating command to tail, otherwise you will get “every” address logged to your resulting report file. And the title of the script is top ip addresses accessing apache / lighthttpd not all unique ip addresses which is what your script is producing.

    Here a what i mean, with this you get the top 20 hitters only.
    awk ‘{ print $1}’ $LOGFILE | sort | uniq -c | sort -nr | tail -20 > $DEST/$DOM.txt

    1. Use “head” instead of tail, this way output shows only last 20 IP hit your website just one time.

      Top 20 IPs hits site multiple times.
      awk ‘{ print $1}’ $LOGFILE | sort | uniq -c | sort -nr | head -20 > $DEST/$DOM.txt

  3. hello when i stored it on my server i use this command:
    chmod +x ipcacher.sh
    and then when i try ./ipcacher.sh
    i dont see anything

    plz help me and reply my comment by sendig mail to me tnx

  4. hi ,

    i want to know, how i restart the script from zero or what is restart command..

    normally it begins from zero every midnight(00.00)

    thx

    best regards

Leave a Comment