From 6067857dad5abc02e6f0331f0d256d2e7b6ecf7a Mon Sep 17 00:00:00 2001 From: "Gan, Jimmy" Date: Sat, 7 Mar 2026 10:36:37 +0800 Subject: [PATCH] fix: clarify blocked security events Label unauthorized security events as blocked and highlight likely scanner probes so the log view is easier to interpret during investigations. Co-Authored-By: Claude Opus 4.6 (1M context) --- dashboard/frontend/src/routes/Security.svelte | 44 +++++++++++++++++-- 1 file changed, 40 insertions(+), 4 deletions(-) diff --git a/dashboard/frontend/src/routes/Security.svelte b/dashboard/frontend/src/routes/Security.svelte index 843611b..29cf99d 100644 --- a/dashboard/frontend/src/routes/Security.svelte +++ b/dashboard/frontend/src/routes/Security.svelte @@ -86,8 +86,41 @@ filter !== "all" || !!ipFilter.trim() || !!startDate || !!endDate ); - const typeLabels = { auth_failure: "Auth", suspicious_request: "Request", error: "Error" }; - const typeColors = { auth_failure: "text-red-400", suspicious_request: "text-amber-400", error: "text-surface-500" }; + function isBlockedScannerEvent(entry) { + if (entry.type !== "unauthorized") return false; + + const message = (entry.message || "").toLowerCase(); + return [ + "/.git/", + "phpinfo", + "debug.log", + "laravel.log", + "stripe", + "swagger.json", + "wp-config", + "credentials", + "secrets", + "config", + "@vite", + "manifest.json", + ].some((needle) => message.includes(needle)); + } + + const logTypeFilters = ["all", "auth_failure", "suspicious_request", "unauthorized"]; + const logTypeButtonLabels = { + all: "All", + auth_failure: "Auth", + suspicious_request: "Requests", + unauthorized: "Blocked", + }; + + const typeLabels = { auth_failure: "Auth", suspicious_request: "Request", unauthorized: "Blocked", error: "Error" }; + const typeColors = { + auth_failure: "text-red-400", + suspicious_request: "text-amber-400", + unauthorized: "text-orange-400", + error: "text-surface-500" + };
@@ -171,9 +204,9 @@
- {#each ["all", "auth_failure", "suspicious_request"] as f} + {#each logTypeFilters as f} {/each}
@@ -236,6 +269,9 @@ {#if e.username} {e.username} {/if} + {#if isBlockedScannerEvent(e)} + scanner + {/if} {e.message} {/each}