{"id":18792785,"url":"https://github.com/deekayen/unclog","last_synced_at":"2025-12-28T13:30:13.942Z","repository":{"id":138909660,"uuid":"224494117","full_name":"deekayen/unclog","owner":"deekayen","description":"Clean worms out of Apache logs.","archived":false,"fork":false,"pushed_at":"2021-03-08T05:34:29.000Z","size":1,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-12-29T15:29:08.881Z","etag":null,"topics":["apache","logging"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deekayen.png","metadata":{"files":{"readme":"README","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-11-27T18:34:36.000Z","updated_at":"2019-12-15T01:02:27.000Z","dependencies_parsed_at":null,"dependency_job_id":"29479c02-5216-4df8-88a8-6352685a2778","html_url":"https://github.com/deekayen/unclog","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Funclog","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Funclog/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Funclog/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Funclog/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deekayen","download_url":"https://codeload.github.com/deekayen/unclog/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239718374,"owners_count":19685725,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apache","logging"],"created_at":"2024-11-07T21:21:47.885Z","updated_at":"2025-12-28T13:30:13.855Z","avatar_url":"https://github.com/deekayen.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"I made unclog to clean worms out of my Apache logs.\n\nThis script removes entries from Apache webserver logs\ncoming from worms sitting on unpatched Windows systems with IIS.\n\nYou can prevent further log entries from Code Red variants and\nw32nimdda by making the following additions to your httpd.conf\n\n SetEnvIf Request_URI \"default\\.ida\" dontlog\n SetEnvIf Request_URI \"cmd\\.exe\" dontlog\n SetEnvIf Request_URI \"root\\.exe\" dontlog\n\nThen edit your CustomLog directive\n\n Customlog /usr/local/apache/bin/access_log common env=!dontlog\n\nOr since this is run from the prompt and not apache, you\ncould set up a cron with this script\n\nThings to note:\n - You must edit this script to tell it where the logs are\n - This gets run from a command prompt, not Apache. That means\n   you might have to edit the very first line of this file to\n   point to the right place. If you only have PHP installed as\n   as server module, this script will not work.\n - You should run this script as a user that has permission to\n   read access_log and permission to create a new file where the\n   new de-wormed log will be created\n - You have to make it executable:\n     chmod a+rx logcleaner.sh.php\n\nBenchmarks:\n I haven't done any, but for speed, you can rearange each of the\n elements of the array to put the more popular stuff in the log\n first which will speed this up. Sorting through 5000 entries\n with 1700 legit entries took about 3 seconds on my Duron 800.\n\nTo do:\n - Add more worms (I have all I know of in this script).\n - Maybe add commandline input instead of setting variables inline","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeekayen%2Funclog","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeekayen%2Funclog","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeekayen%2Funclog/lists"}