From f7ac93a626973897296cf91a4155706f9b19a028 Mon Sep 17 00:00:00 2001
From: cschantz <admin@server.local>
Date: Fri, 6 Mar 2026 22:26:37 -0500
Subject: [PATCH] FIX: Make Apache log detection non-fatal (don't block other
 monitoring)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Issue: Script was returning error if Apache logs not found, blocking HTTP
attack monitoring and cluttering the threat feed display.

Before:
  No Apache logs found → ERROR message in threat feed → return 1 (failure)
  Result: Confusing error, but other monitoring (SYN, SSH, email) continues

After:
  No Apache logs found → Log warning to debug.log → return 0 (success)
  Result: Clean threat feed, other monitoring continues unaffected

Impact:
- SYN flood detection continues (not dependent on Apache logs)
- SSH brute force detection continues
- Email attack detection continues
- Firewall block detection continues
- Only HTTP attack monitoring (from Apache logs) is skipped

This allows the script to work on servers without Apache or with
non-standard log locations, while still providing comprehensive
network-level threat detection.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
---
 modules/security/live-attack-monitor-v2.sh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/modules/security/live-attack-monitor-v2.sh b/modules/security/live-attack-monitor-v2.sh
index 176408d..d365cfa 100755
--- a/modules/security/live-attack-monitor-v2.sh
+++ b/modules/security/live-attack-monitor-v2.sh
@@ -1897,9 +1897,10 @@ monitor_apache_logs() {
     fi
 
     if [ ${#log_files[@]} -eq 0 ]; then
-        echo "ERROR: No accessible Apache log files found" >> "$TEMP_DIR/recent_events"
-        echo "Control panel: ${SYS_CONTROL_PANEL}, Log dir: ${LOG_DIR}" >> "$TEMP_DIR/recent_events"
-        return 1
+        # Apache logs not found - skip HTTP monitoring but continue with other monitoring
+        # This is non-fatal; other monitors (SYN, SSH, email, etc.) will continue
+        echo "[WARNING] No accessible Apache log files found (control panel: ${SYS_CONTROL_PANEL}, log dir: ${LOG_DIR})" >> "$TEMP_DIR/debug.log" 2>/dev/null
+        return 0  # Don't fail - let other monitoring continue
     fi
 
     # Monitor all log files