active.protect.block
Triggered when ActiveProtect blocks an IP address due to suspicious activity
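This webhook is sent when ActiveProtect blocks an IP address due to suspicious activity. The payload includes information about the server where the block occurred (`server`) and details of the blocked activity (`activeprotect_action`). In the example, `server.address` matches the server's own `ext_ipv4`, while `activeprotect_action.address` appears to be the blocked source address, so consumers that build blocklists or alerts should read the latter. Note that the sample's `activeprotect_action.server` value differs from `server.uid` in its last digit, which looks like a typo in the sample rather than a reference to a different server.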
Payload Example
{
"timestamp": 1757011079,
"event_type": "active.protect.block",
"server": {
"uid": "550e8400-e29b-41d4-a716-446655440001",
"vendor_uid": "i-0123456789abcdef0",
"name": "web-server-01",
"address": "203.0.113.10",
"distro": "ubuntu",
"distro_version": "20.04",
"dns_record": "web-01.example.com",
"user_name": "cloud66",
"server_type": "aws",
"server_roles": [
"web",
"docker"
],
"server_group_id": 123,
"stack_uid": "stack-550e8400-e29b-41d4-a716",
"has_agent": true,
"params": {
"size": "t3.medium",
"region": "us-east-1",
"subnet": "subnet-12345"
},
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-02-15T14:20:00Z",
"region": "us-east-1",
"availability_zone": "us-east-1a",
"ext_ipv4": "203.0.113.10",
"int_ipv4": "10.0.1.100",
"ext_ipv6": "2001:db8::1",
"int_ipv6": "fd00::1",
"health_state": 1,
"personal_key": false,
"has_deploy_gateway": false,
"deploy_gateway_address": null,
"deploy_gateway_user_name": null
},
"activeprotect_action": {
"server": "550e8400-e29b-41d4-a716-446655440000",
"address": "192.168.1.45",
"country": "United States",
"country_code": "US",
"attack": "SSH",
"port": 22,
"banned": true,
"action_date": "2024-02-15T14:23:41Z"
}
}
active.protect.change
Triggered when ActiveProtect detects unauthorized file changes on your servers
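This webhook is sent when ActiveProtect detects unauthorized file changes on your servers. The payload includes information about the affected server (`server`) and details of the watched file (`watched_file`), such as its path and change status. The sample below shows `is_changed` as `false` even though the event reports a change, so confirm how this flag is set in a real delivery before keying alerts on it.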
Payload Example
{
"timestamp": 1757011079,
"event_type": "active.protect.change",
"server": {
"uid": "550e8400-e29b-41d4-a716-446655440001",
"vendor_uid": "i-0123456789abcdef0",
"name": "web-server-01",
"address": "203.0.113.10",
"distro": "ubuntu",
"distro_version": "20.04",
"dns_record": "web-01.example.com",
"user_name": "cloud66",
"server_type": "aws",
"server_roles": [
"web",
"docker"
],
"server_group_id": 123,
"stack_uid": "stack-550e8400-e29b-41d4-a716",
"has_agent": true,
"params": {
"size": "t3.medium",
"region": "us-east-1",
"subnet": "subnet-12345"
},
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-02-15T14:20:00Z",
"region": "us-east-1",
"availability_zone": "us-east-1a",
"ext_ipv4": "203.0.113.10",
"int_ipv4": "10.0.1.100",
"ext_ipv6": "2001:db8::1",
"int_ipv6": "fd00::1",
"health_state": 1,
"personal_key": false,
"has_deploy_gateway": false,
"deploy_gateway_address": null,
"deploy_gateway_user_name": null
},
"watched_file": {
"server": "550e8400-e29b-41d4-a716-446655440001",
"file_path": "/etc/nginx/nginx.conf",
"is_changed": false,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-02-15T14:25:00Z"
}
}