#!/bin/bash
FIREWALL="/opt/firewall/firewall.sh"
ACCESS="/tmp/minute.log"
ATTACK="module-php"
PHP_SPAM=$(grep $2 $ACCESS | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l)
if [[ "$PHP_SPAM" -gt 10 ]]; then
	bash $FIREWALL ipBlockParser "$1"
	bash $FIREWALL message "$ATTACK-$1"
	redis-cli SADD tmp_block $1
fi