feat: update suspicious activity display to show last 10 requests and improve database filtering

src/database.py

@@ -1767,7 +1767,11 @@ class DatabaseManager:
 
             # Filter out local/private IPs and server IP, then sort
             filtered = [
-                {"ip": row.ip, "count": row.count, "category": row.category or "unknown"}
+                {
+                    "ip": row.ip,
+                    "count": row.count,
+                    "category": row.category or "unknown",
+                }
                 for row in results
                 if is_valid_public_ip(row.ip, server_ip)
             ]

src/routes/dashboard.py

@@ -23,7 +23,7 @@ async def dashboard_page(request: Request):
 
     # Get initial data for server-rendered sections
     stats = db.get_dashboard_counts()
-    suspicious = db.get_recent_suspicious(limit=20)
+    suspicious = db.get_recent_suspicious(limit=10)
 
     # Get credential count for the stats card
     cred_result = db.get_credentials_paginated(page=1, page_size=1)

src/templates/jinja2/dashboard/index.html

@@ -46,6 +46,9 @@
         {# Map section #}
         {% include "dashboard/partials/map_section.html" %}
 
+        {# Suspicious Activity - server-rendered (last 10 requests) #}
+        {% include "dashboard/partials/suspicious_table.html" %}
+
         {# Top IPs + Top User-Agents side by side #}
         <div style="display: flex; gap: 20px; flex-wrap: wrap;">
             <div class="table-container" style="flex: 1; min-width: 300px;">
@@ -78,9 +81,6 @@
                 <div class="htmx-indicator">Loading...</div>
             </div>
         </div>
-
-        {# Suspicious Activity - server-rendered #}
-        {% include "dashboard/partials/suspicious_table.html" %}
     </div>
 
     {# ==================== ATTACKS TAB ==================== #}