What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Notification if someone tries to access a web server remotely?

B

bmn1

Senior Member
If I have a web server of some kind on for instance port 5000, is it possible to somehow get a notification every time someone tries to access it remotely (with their IP)? Or at least log it somewhere?
 
bmn1 said:
If I have a web server of some kind on for instance port 5000, is it possible to somehow get a notification every time someone tries to access it remotely (with their IP)? Or at least log it somewhere?
Click to expand...
Most webservers have the ability to log the access, you just have to enable it and set the location.
 
I was hoping to get it straight at the router. I have so many different kinds of servers (also without good logging functions). So if it's not easily possible, what's the hard way? I see it's possible to log to an external log server, but is that just for the system logs and not showing external IPs? If it's possible to use that, perhaps a logging server have an option to send email or push notifications when an IP tries to use a web server.
 
The logic would be to log a port forward event to syslog (by increasing log level perhaps), then have a cron job run a script that greps the event line, uses the time and IP as variable in an email sent to you.
Sounds doable to me.
Share when you're done.
 
bmn1 said:
All that should be possible directly on the router, am I right?
Click to expand...
I guess so, at least this is how I would try to get it to work If I'd need it.
But I don't.
Good luck with scripting and let us know if and how it works when you celebrate your success.
 
If you have "many different servers" and you are needing logging since they don't log, you should probably be looking at a more feature rich firewall than a run of the mill consumer device. I think you will be in for a rude awakening if you get per access alerting setup. Things that are exposed directly to the Internet will eventually get discovered and scanned on a regular basis. This is why application layer logging and alerting is usually much better since you can alert upon success/failure at the app itself instead of just some script kiddie sweeping your IP every 60 seconds.
 
You must log in or register to reply here.

Similar threads

W
Access AX88U Web GUI remotely using Instant Guard vs port forwarding
Replies
5
Views
479
welim
W
N
OpenVPN - Local Access on a DDNS to forwarded ports.
Replies
1
Views
499
octopus
octopus
D
Sending AT commands to 5G modem.
Replies
6
Views
1K
Tech Junky
T
D
Feature request: Two factor authentication web login. (TOTP)
Replies
8
Views
1K
DJones
D
fenguix
Wireguard server: can't connect SMB volumes
Replies
6
Views
2K
DJones
D
Similar threads
Thread starter Title Forum Replies Date
L Is someone trying to access my router? Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 795 (members: 20, guests: 775)
Back
Top