LogHQ

Real-time Threat Detection from Your Nginx Logs

Know when your servers are under attack. LogHQ monitors your nginx access logs and detects threats to WordPress and WooCommerce sites in real time.

Get Started Free View Pricing
30s Agent Deploy
60s Detection Latency
Zero Dependencies
400 Lines of Code
How It Works

Live in 60 Seconds

Three steps from install to real-time threat monitoring. No root required, no dependencies to manage.

01

Create Server

Add your server in the LogHQ dashboard and receive your unique agent key.

02

Install Agent

Run a single command. The agent runs as www-data via cron — no root privileges needed.

curl -s https://loghq.net/agent/install.sh | bash
03

Monitor Dashboard

Threats appear in your live dashboard within 60 seconds via WebSocket. Real-time, always.

Threat Detection

What LogHQ Catches

Purpose-built detection for WordPress and WooCommerce attack patterns, plus general exploit scanning.

WordPress Brute-Force

Detects attacks on wp-login.php, xmlrpc.php, and other login endpoints. Tracks velocity and source IPs.

WooCommerce Protection

Catches customer data enumeration, order harvesting, coupon probing, and payment gateway discovery attempts.

Exploit Scanning

Identifies path traversal, SQL injection, .bak/.sql file hunting, and vulnerability scanner fingerprints.

Sensitive Data Leaks

Alerts on probes for .env, .git, phpinfo, wp-config and other files that should never be publicly accessible.

Geo-IP Intelligence

Country-of-origin tracking for every threat. Identify geographic attack patterns and top source regions.

Real-time Alerts

Instant notifications via Telegram, email, and browser push. HTTP status filtering distinguishes blocked vs. successful attacks.

Under the Hood

Built for Security Teams

A single inspectable Python script with read-only access. No binaries, no secrets, no attack surface.

Agent Security

  • Single 400-line Python script — fully inspectable, no binaries
  • Read-only access to nginx logs only
  • No root privileges — runs as www-data via cron
  • SHA-256 verified self-updates
  • One-way data flow — server to dashboard only
  • No remote execution — cannot run commands on your server

Privacy & Compliance

  • GDPR-compliant by design
  • IP anonymization toggle — masks last octet
  • Email masking in threat logs
  • One-click data export in JSON
  • Full account deletion with complete data removal
  • Sends threat data only — not full logs or user content
Dashboard

Everything at a Glance

Live threat feed, heatmaps, downloadable reports, and email intelligence — all in one place.

Live Threat Feed

WebSocket-powered real-time feed with timestamps, attack types, source IPs, and targeted endpoints.

Heatmap Visualizations

Geographic and temporal heatmaps showing attack patterns, peak hours, and top source countries.

Downloadable Reports

HTML reports with 10 customizable sections. Schedule email intelligence reports for stakeholders.

Pricing

Simple, Transparent Plans

Start free. Upgrade when you need alerts, longer retention, or more servers.

Free
$0
Free forever
  • 1 server
  • 1 log source per server
  • 7-day retention
  • Live dashboard
  • Real-time threat feed
  • Geo-IP intelligence
Get Started
Most Popular
Pro
$19 /month
For production sites
  • 5 servers
  • 10 log sources per server
  • 30-day retention
  • Telegram & email alerts
  • Full HTML reports
  • Email intelligence
Start Pro
Team
$49 /month
For teams & agencies
  • 10 servers
  • 15 log sources per server
  • 60-day retention
  • 4 team members
  • All Pro features
  • Priority support
Start Team
Get Started

Start Monitoring in 60 Seconds

Deploy the agent, open the dashboard, and see threats appear in real time. No credit card required.

Create Free Account