Tighten AI security prompts — aggressive stance for private server

Enrichment AI prompt:
- Explicitly states this is a PRIVATE application
- Strict threat level rules: 10+ blocklists = always critical,
  exploit scans = always critical, SSH-only = suspicious
- Added "compromised_host" classification option
- Recommendation options: ban permanently, ban 24h, monitor, ignore

Sentinel batch prompt:
- "Err on the side of banning" directive
- .env.production/.env.local probing = targeted recon, instant ban
- When in doubt, BAN — private server has no public scanning excuse
- Tighter rules for automated UA detection

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
root 2026-03-26 03:49:17 -05:00
parent 3c4846d52c
commit e7f12a6d93

@ -4144,16 +4144,25 @@ def admin_enrich_ip():
log_ctx = "\n".join(ip_logs[-20:]) if ip_logs else "No log entries found." log_ctx = "\n".join(ip_logs[-20:]) if ip_logs else "No log entries found."
prompt = ( prompt = (
f"You are a cybersecurity analyst. Provide a detailed threat assessment for IP {ip}.\n\n" f"You are an aggressive cybersecurity analyst protecting a production web application. "
f"Provide a detailed threat assessment for IP {ip}. "
f"This is a PRIVATE application — there is NO legitimate reason for unknown IPs to scan it.\n\n"
f"{geo_ctx}{wc_ctx}\n" f"{geo_ctx}{wc_ctx}\n"
f"Activity log ({len(ip_logs)} total entries, showing last 20):\n{log_ctx}\n\n" f"Activity log ({len(ip_logs)} total entries, showing last 20):\n{log_ctx}\n\n"
"THREAT LEVEL RULES (follow strictly):\n"
"- critical: ANY exploit scan (.env, .git, wp-admin, etc.) OR blocked on multiple DNS blocklists OR multiple user agents\n"
"- high: probing non-existent paths repeatedly OR hosting/proxy IP OR port scan shows only SSH\n"
"- medium: a few 404s on common paths from non-proxy IP\n"
"- low: single benign request (robots.txt, favicon)\n"
"- An IP blocked on 10+ DNS blocklists is ALWAYS critical regardless of log activity\n"
"- An IP with only port 22 open and no web service is suspicious infrastructure\n\n"
"Provide your analysis as JSON:\n" "Provide your analysis as JSON:\n"
'{"threat_level": "none|low|medium|high|critical",\n' '{"threat_level": "none|low|medium|high|critical",\n'
' "classification": "scanner|bruteforce|bot|researcher|targeted_attack|legitimate",\n' ' "classification": "scanner|bruteforce|bot|researcher|targeted_attack|compromised_host|legitimate",\n'
' "confidence": 0.0-1.0,\n' ' "confidence": 0.0-1.0,\n'
' "summary": "2-3 sentence threat assessment",\n' ' "summary": "2-3 sentence threat assessment",\n'
' "indicators": ["list of specific indicators found"],\n' ' "indicators": ["list of specific indicators found"],\n'
' "recommendation": "specific recommended action",\n' ' "recommendation": "specific recommended action — ban permanently, ban 24h, monitor, or ignore",\n'
' "likely_automated": true/false,\n' ' "likely_automated": true/false,\n'
' "pattern": "description of attack pattern if any"}\n' ' "pattern": "description of attack pattern if any"}\n'
) )
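Review bot: The levels in the THREAT LEVEL RULES block overlap. "blocked on multiple DNS blocklists" already makes an IP critical, so the later "10+ DNS blocklists is ALWAYS critical" line adds no threshold, and "port scan shows only SSH" is rated high while the last rule calls the same condition only "suspicious infrastructure" with no level attached. Pick one blocklist count for critical and map SSH-only to a single level (the commit message says suspicious). The rules also give no condition for `none` and no criteria for choosing the new `compromised_host` classification, and `recommendation` is still free text; writing it as `ban_permanent|ban_24h|monitor|ignore`, like the other enumerated fields, would make it safer to parse. Separately, `{log_ctx}` goes into the prompt as-is, so wrapping it in explicit delimiters and telling the model to treat it as data is worth adding now that the output is steered toward bans.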
@ -6173,17 +6182,20 @@ def _sentinel_scan():
# Batch analysis prompt # Batch analysis prompt
prompt = ( prompt = (
"You are a web application security analyst. Analyze these log entries from the last 5 minutes " "You are an aggressive cybersecurity sentinel protecting a PRIVATE production web application. "
"and classify each IP. Respond with ONLY a JSON array, one object per IP:\n" "There is NO legitimate reason for unknown IPs to probe this server. "
"Analyze these log entries and classify each IP. Respond with ONLY a JSON array:\n"
'[{"ip": "x.x.x.x", "threat": "none|low|medium|high|critical", "action": "ignore|monitor|ban", ' '[{"ip": "x.x.x.x", "threat": "none|low|medium|high|critical", "action": "ignore|monitor|ban", '
'"reason": "brief reason", "attack_type": "scanner|bruteforce|exploit|bot|legitimate"}]\n\n' '"reason": "brief reason", "attack_type": "scanner|bruteforce|exploit|bot|compromised_host|legitimate"}]\n\n'
"Guidelines:\n" "RULES (follow strictly — err on the side of banning):\n"
"- /.git/config, /wp-admin, /phpmyadmin, /xmlrpc.php, /env, /admin.php = exploit scanner → ban\n" "- ANY probe for /.git, /.env, /wp-admin, /phpmyadmin, /xmlrpc.php, /admin.php, /config = BAN immediately\n"
"- Multiple different user agents from same IP = rotating scanner → ban\n" "- ANY probe for .env.production, .env.local, .env.development = BAN — this is targeted recon\n"
"- /robots.txt or /favicon.ico alone = harmless bot → ignore\n" "- Multiple different user agents from same IP = rotating scanner = BAN\n"
"- Failed logins = bruteforce if >2 attempts → ban\n" "- HeadlessChrome, curl, python-requests doing probing = automated scanner = BAN\n"
"- Headless chrome, bot UAs doing probing = automated scanner → ban\n" "- Failed logins >= 2 = BAN\n"
"- Single 404 on a common path = probably harmless → ignore\n\n" "- /robots.txt or /favicon.ico ALONE from a known bot UA = ignore\n"
"- Everything else = BAN if it looks automated, monitor if genuinely ambiguous\n"
"- When in doubt, BAN. This is a private server.\n\n"
"Log entries:\n\n" "Log entries:\n\n"
) )
for ip, summary, _ in analysis_items[:15]: # max 15 IPs per scan for ip, summary, _ in analysis_items[:15]: # max 15 IPs per scan
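Review bot: "Failed logins >= 2 = BAN" lowers the old threshold (>2 attempts) so that one retry after a mistyped password is a ban, and on a private application the people logging in are its own users; keep the threshold above 2 or add a rule exempting known user IPs. The rewritten instruction also drops "one object per IP" and "from the last 5 minutes", so state again that the array must hold exactly one object per IP listed. With the "Single 404 on a common path" rule removed, an ordinary mistyped URL now falls under "Everything else", and `/env` from the old list is no longer named; confirm both are intended.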