Zoraxy Forensics - March 2026
I am beginning to look at a number of issues with my home lab.
This was a major one, as the whole point of this exercise is to increase my coding skills, familiarity with Linux and how to run servers and additional services associated with them.
I have attached a report. This report is generated as follows
- A script has been written that pulls the zoraxy logs and filters them
- This script is then run by cron weekly and shoots the administators an email
- The contents of this file is then fed to a AI which returns the attached report
- The administators then make appropriate adjustments based on said report
I have made a number of changes in the backend being
- Retest and validate the fail2ban filter for zoraxy - working again, & testing
- Implement recommendations in the report
The report is included here.
I have not vetted the report. I believe this is counter to the whole point of transparency, and the report contains a good deal of information on what is hitting your reverse proxies, assuming you are an enthusiast, employed in the field or just love this stuff.
If I had not embarked on this little project of discovery and learning I would be none the wiser.
Anyhow, I will get around to updating the zoraxy configuration post, and the related components related to fail2ban and its integration with zoraxy, I am just waiting for an email to see if it is working as designed. The previous implementation failed due to a log format update I did not notice when updating my proxy to the latest version.
Here is the configuration post. It is updated as I make changes
Leon SCOTT
I am not at this time sharing the zoraxy-forensic-report script. Mainly because I am constantly testing it and throwing it to the AI to build the report I have attached at the top.
I dont believe in bullshit, and I believe in transparency. If that is naive so be it. But when I began this journey all I wanted to do was learn and do it right. I hate been taught the wrong way, at my age its hard to undo.
#enoughsaid