import paramiko, sys
sys.stdout.reconfigure(encoding="utf-8")

ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect("192.168.1.76", username="root", password="7309208104")

# ModSecurity zapnutý?
_, out, _ = ssh.exec_command("docker exec swag cat /config/nginx/modsec/modsecurity.conf 2>/dev/null | grep -E 'SecRuleEngine|SecAuditEngine' | head -5")
print("=== ModSecurity status ===")
print(out.read().decode() or "(soubor neexistuje)")

# Nginx error log - poslední záznamy 403
_, out, _ = ssh.exec_command("docker exec swag tail -50 /config/log/nginx/error.log 2>/dev/null | grep -i '403\\|forbidden\\|modsec\\|block' | tail -20")
print("=== nginx error log (403/modsec) ===")
print(out.read().decode() or "(nic)")

# Access log - poslední 403
_, out, _ = ssh.exec_command("docker exec swag tail -100 /config/log/nginx/access.log 2>/dev/null | grep ' 403 ' | tail -10")
print("=== access log 403 ===")
print(out.read().decode() or "(nic)")

ssh.close()