#!/bin/bash
FIREWALL="/opt/firewall/firewall.sh"
ATTACK="module-php"
PHP_SPAM=$(grep $2 $3 | grep $1 | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l)
if [[ $PHP_SPAM -gt 10 ]]; then
	bash $FIREWALL ipBlockParser "$1"
	bash $FIREWALL message "$ATTACK-$1"
	redis-cli SADD tmp_block $1
	cp -f $3 /tmp/debug-$ATTACK-$1.txt
fi