Tighten AI security prompts — aggressive stance for private server

Enrichment AI prompt: - Explicitly states this is a PRIVATE application - Strict threat level rules: 10+ blocklists = always critical, exploit scans = always critical, SSH-only = suspicious - Added "compromised_host" classification option - Recommendation options: ban permanently, ban 24h, monitor, ignore Sentinel batch prompt: - "Err on the side of banning" directive - .env.production/.env.local probing = targeted recon, instant ban - When in doubt, BAN — private server has no public scanning excuse - Tighter rules for automated UA detection Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 03:49:17 -05:00 · 2026-03-26 03:49:17 -05:00 · e7f12a6d93
commit e7f12a6d93
parent 3c4846d52c
1 changed files with 25 additions and 13 deletions
--- a/llm_team_ui.py
+++ b/llm_team_ui.py
@ -4144,16 +4144,25 @@ def admin_enrich_ip():
        log_ctx = "\n".join(ip_logs[-20:]) if ip_logs else "No log entries found."

        prompt = (
-            f"You are a cybersecurity analyst. Provide a detailed threat assessment for IP {ip}.\n\n"
+            f"You are an aggressive cybersecurity analyst protecting a production web application. "
+            f"Provide a detailed threat assessment for IP {ip}. "
+            f"This is a PRIVATE application — there is NO legitimate reason for unknown IPs to scan it.\n\n"
            f"{geo_ctx}{wc_ctx}\n"
            f"Activity log ({len(ip_logs)} total entries, showing last 20):\n{log_ctx}\n\n"
+            "THREAT LEVEL RULES (follow strictly):\n"
+            "- critical: ANY exploit scan (.env, .git, wp-admin, etc.) OR blocked on multiple DNS blocklists OR multiple user agents\n"
+            "- high: probing non-existent paths repeatedly OR hosting/proxy IP OR port scan shows only SSH\n"
+            "- medium: a few 404s on common paths from non-proxy IP\n"
+            "- low: single benign request (robots.txt, favicon)\n"
+            "- An IP blocked on 10+ DNS blocklists is ALWAYS critical regardless of log activity\n"
+            "- An IP with only port 22 open and no web service is suspicious infrastructure\n\n"
            "Provide your analysis as JSON:\n"
            '{"threat_level": "none|low|medium|high|critical",\n'
-            ' "classification": "scanner|bruteforce|bot|researcher|targeted_attack|legitimate",\n'
+            ' "classification": "scanner|bruteforce|bot|researcher|targeted_attack|compromised_host|legitimate",\n'
            ' "confidence": 0.0-1.0,\n'
            ' "summary": "2-3 sentence threat assessment",\n'
            ' "indicators": ["list of specific indicators found"],\n'
-            ' "recommendation": "specific recommended action",\n'
+            ' "recommendation": "specific recommended action — ban permanently, ban 24h, monitor, or ignore",\n'
            ' "likely_automated": true/false,\n'
            ' "pattern": "description of attack pattern if any"}\n'
        )
@ -6173,17 +6182,20 @@ def _sentinel_scan():

    # Batch analysis prompt
    prompt = (
-        "You are a web application security analyst. Analyze these log entries from the last 5 minutes "
-        "and classify each IP. Respond with ONLY a JSON array, one object per IP:\n"
+        "You are an aggressive cybersecurity sentinel protecting a PRIVATE production web application. "
+        "There is NO legitimate reason for unknown IPs to probe this server. "
+        "Analyze these log entries and classify each IP. Respond with ONLY a JSON array:\n"
        '[{"ip": "x.x.x.x", "threat": "none|low|medium|high|critical", "action": "ignore|monitor|ban", '
-        '"reason": "brief reason", "attack_type": "scanner|bruteforce|exploit|bot|legitimate"}]\n\n'
-        "Guidelines:\n"
-        "- /.git/config, /wp-admin, /phpmyadmin, /xmlrpc.php, /env, /admin.php = exploit scanner → ban\n"
-        "- Multiple different user agents from same IP = rotating scanner → ban\n"
-        "- /robots.txt or /favicon.ico alone = harmless bot → ignore\n"
-        "- Failed logins = bruteforce if >2 attempts → ban\n"
-        "- Headless chrome, bot UAs doing probing = automated scanner → ban\n"
-        "- Single 404 on a common path = probably harmless → ignore\n\n"
+        '"reason": "brief reason", "attack_type": "scanner|bruteforce|exploit|bot|compromised_host|legitimate"}]\n\n'
+        "RULES (follow strictly — err on the side of banning):\n"
+        "- ANY probe for /.git, /.env, /wp-admin, /phpmyadmin, /xmlrpc.php, /admin.php, /config = BAN immediately\n"
+        "- ANY probe for .env.production, .env.local, .env.development = BAN — this is targeted recon\n"
+        "- Multiple different user agents from same IP = rotating scanner = BAN\n"
+        "- HeadlessChrome, curl, python-requests doing probing = automated scanner = BAN\n"
+        "- Failed logins >= 2 = BAN\n"
+        "- /robots.txt or /favicon.ico ALONE from a known bot UA = ignore\n"
+        "- Everything else = BAN if it looks automated, monitor if genuinely ambiguous\n"
+        "- When in doubt, BAN. This is a private server.\n\n"
        "Log entries:\n\n"
    )
    for ip, summary, _ in analysis_items[:15]:  # max 15 IPs per scan