| Error message | Likely cause | Fix |
|---------------|--------------|-----|
| TBRG: failed to fetch from AdGuardNet | Network block or expired SSL cert | Check firewall rules; update CA certificates |
| publicphp upd: permission denied | PHP script not executable or wrong ownership | chmod 755 upd.php and set owner to web user |
| Filter list checksum mismatch | Partial download or corrupted mirror | Re-run update after clearing cache |
If you see something like:
updater:
url: http://tbrg.adguardnet.local/publicphp/upd
interval: 3600
Interpretation: You have a custom integration where an internal update service for AdGuard filters is defined. tbrg adguardnet publicphp upd
Action: Validate that the endpoint is still needed. Update credentials if applicable. | Error message | Likely cause | Fix
find /var/www -name "*.php" -mtime -7 -exec ls -la {} \;
php -l /path/to/suspicious/file.php
Fix applied:
grep -rn "tbrg adguardnet publicphp upd" /var/log/
grep -rn "publicphp/upd" /etc/ /var/www/ /opt/adguard/
find / -name "*.php" -exec grep -l "publicphp\|tbrg" {} \;
Any publicly accessible PHP script that performs updates (especially with names like update.php, upd.php, upgrade.php) is a high-risk asset. Interpretation: You have a custom integration where an
| Time | Event |
|------|-------|
| 08:42 | Monitoring alert: publicphp health check failed (HTTP 502) |
| 08:45 | TBRG engineer confirmed UDP egress from publicphp to AdGuardNet dropping |
| 08:52 | MTU reduced from 1500 to 1432 on publicphp host |
| 08:58 | Service restarted; connectivity restored |
| 09:04 | All metrics back to normal; backlog cleared |
lsof | grep "publicphp"
systemctl status | grep -i adguard
ps aux | grep -E "php|adguard"