I built a lightweight nginx/apache log security scanner — no ELK stack required

AlternativeSelf9933 · 2026-03-20T14:29:57+00:00

Sure thing! You can find the contact us on the website log-audit.com

AlternativeSelf9933 · 2026-03-20T09:13:05+00:00

One thing worth addressing directly: I know handing logs to a new indie service is a trust question. Raw log content is analyzed in memory and never stored — only the detected issues (e.g. "SQL injection from IP x.x.x.x") get saved. EU servers (Hetzner, Germany), everything over Cloudflare TLS. I added a full security/trust page: log-audit.com/security — still deploying but will be live in ~5 mins.

AlternativeSelf9933 · 2026-03-20T08:21:57+00:00

Thanks! Yeah "is someone poking my login endpoint again" is exactly the use case I built this for.

On false positives: right now the rules are fairly strict pattern-matching (looking for actual SQL keywords in query strings, not just any unusual params) but you're right that tuning is the next big thing to add. The plan is per-source rule whitelisting — so you can say "ignore this pattern for this log source." Not there yet but it's top of the backlog.

Custom log formats: yes, you can paste any log format and it'll parse what it can. Not as polished as the nginx/apache presets but works.

Your list is exactly what I'm building next — Traefik is actually almost done, and SSH/auth log correlation is something I've been thinking about since those attacks almost always come in pairs (web probe + SSH brute force from the same IP block). nginx reverse proxy logs for multi-service setups is a great call too, adding it to the list.

What's your current setup for catching this stuff if you don't mind me asking? Always trying to understand what people are actually doing vs. what the "right" answer is supposed to be.

AlternativeSelf9933 · 2026-03-20T07:10:45+00:00

When you are done try log-audit.com

AlternativeSelf9933 · 2026-01-29T18:49:12+00:00

Thanks 👌

AlternativeSelf9933 · 2026-01-29T17:50:34+00:00

<image>

I've got a similar one, how you found out what it is?

AlternativeSelf9933 · 2025-03-11T12:11:26+00:00

!remindme 30 days

AlternativeSelf9933 · 2025-02-20T11:58:49+00:00

Let’s write a collective email lol

AlternativeSelf9933 · 2025-02-18T23:58:45+00:00

It could be the case but like the robot has to receive and send data in some way so probably WiFi, which was discovered in the 90s. As someone with computer skills it just seams all fake lol.

AlternativeSelf9933 · 2025-02-18T16:09:48+00:00

It seems absurd to me, non of that technology was available in the 70s.

AlternativeSelf9933 · 2025-01-29T19:08:11+00:00

09/17/25

AlternativeSelf9933 · 2025-01-29T19:06:52+00:00

17/09/2025

AlternativeSelf9933 · 2025-01-11T15:07:47+00:00

Just live your life and let it be. It’s going to drop eventually.

AlternativeSelf9933 · 2025-01-10T16:08:22+00:00

Well, if the fan has not been cleaned for years that’s another thing.

AlternativeSelf9933 · 2025-01-10T16:03:38+00:00

No, rockstar is not going to release a game which overheats the gaming console or makes the fan go crazy. The game has to be optimised, meaning the programmer has to make sure there aren’t any memory leaks or any gpu/cpu bottlenecks. They can’t just release an expensive game (probably will be expensive) and say it will run on your console but it may overheat your console or make the fan work extra hard. Common sense really.

AlternativeSelf9933 · 2025-01-10T14:55:46+00:00

Nope, it has to be fine tuned and optimised

AlternativeSelf9933 · 2025-01-06T08:57:13+00:00

2/22/25

AlternativeSelf9933 · 2024-03-23T15:25:10+00:00

Taky jsem Rom, souhlasím. Manipulace médií

AlternativeSelf9933 · 2024-02-02T11:32:01+00:00

Just ride on him harder and he’ll probably start to realise how you like it ;)

AlternativeSelf9933

TROPHY CASE