diff --git a/dashboard/frontend/src/routes/Security.svelte b/dashboard/frontend/src/routes/Security.svelte index 843611b..29cf99d 100644 --- a/dashboard/frontend/src/routes/Security.svelte +++ b/dashboard/frontend/src/routes/Security.svelte @@ -86,8 +86,41 @@ filter !== "all" || !!ipFilter.trim() || !!startDate || !!endDate ); - const typeLabels = { auth_failure: "Auth", suspicious_request: "Request", error: "Error" }; - const typeColors = { auth_failure: "text-red-400", suspicious_request: "text-amber-400", error: "text-surface-500" }; + function isBlockedScannerEvent(entry) { + if (entry.type !== "unauthorized") return false; + + const message = (entry.message || "").toLowerCase(); + return [ + "/.git/", + "phpinfo", + "debug.log", + "laravel.log", + "stripe", + "swagger.json", + "wp-config", + "credentials", + "secrets", + "config", + "@vite", + "manifest.json", + ].some((needle) => message.includes(needle)); + } + + const logTypeFilters = ["all", "auth_failure", "suspicious_request", "unauthorized"]; + const logTypeButtonLabels = { + all: "All", + auth_failure: "Auth", + suspicious_request: "Requests", + unauthorized: "Blocked", + }; + + const typeLabels = { auth_failure: "Auth", suspicious_request: "Request", unauthorized: "Blocked", error: "Error" }; + const typeColors = { + auth_failure: "text-red-400", + suspicious_request: "text-amber-400", + unauthorized: "text-orange-400", + error: "text-surface-500" + };
@@ -171,9 +204,9 @@
- {#each ["all", "auth_failure", "suspicious_request"] as f} + {#each logTypeFilters as f} {/each}
@@ -236,6 +269,9 @@ {#if e.username} {e.username} {/if} + {#if isBlockedScannerEvent(e)} + scanner + {/if} {e.message} {/each}