#crowdsec mis en place sur mes 2 rasp, même s'ils ne sont pas accessible et restent dans mon réseau local, juste pour tester cet outil vraiment bien, que j'avais déjà essayé il y a un ptit moment.

For my curiosity

yesterday I failed miserably setting up #crowdsec on my #plesk server running #centos 7

Is there a good #tutorial for this?

I know plesk is a pain in the ass so often.

#linux #CentOs7 #fail2ban

@wpsofa

Ok, I wrote a small script

WIP Article

https://mpp-service.de/en/update-geolocation-databases-for-crowdsec-wordpress/

#crowdsec #WordPress

Dear #WordPress Admins,

I have running WP inside a container, behind #traefik with #crowdsec and the #wordpress-bouncer working fine. But I would love to configure the #geoblock feature with the #geblock feature. Besides writing my own script, is there an option to update the #geoLite2 Database automatically by #crowdsec or the #crowdsec plugin. Am I missing something?

@wpsofa

#Wordpressadmin #security #wordpresssecurity #fail2ban #wordfence #wpsofa

Une doc que j'avais faite sur #autohébergement
Avec #apache #crowdsec virtualhost msmtp #docker
Je pense que c'est assez complet.

Je serais preneur de retours de ceux qui s'autohébergent concernant la sécurité. Je voudrais me lancer mais j'ai peur que si mon serveur se fait pirater, le reste du réseau local chez moi tombe aussi...

@jwildeboer
Das hat ein eigenes Dashboard?
Hab einige fail2ban Instanzen laufen. Macht ein Wechsel Sinn.

#fail2ban #crowdsec

I really need to clean up my #CrowdSec implementation. Specifically, how I’m using CrowdSec Bouncers. I have a mixture of applications that run over #Cloudflare tunnels, and others that terminate directly into my #selfhosted environment. I have a bouncer running on #OPNsense on the edge, which I’m not effectively using, and then my #Mastodon instance is using the Cloudflare bouncer, which I think is appropriate.

Now that I write this, the implementation isn’t the problem. It’s the lack of a cohesive strategy.

As an aside, if you are a #homelab or #selfhosted enthusiast, you really should check out the CrowsSec project. https://www.crowdsec.net. It’s a bit like #Cisco #Umbrella (aka #OpenDNS) in concept, but very different than that in execution.

@Gargron Oh no! Best of luck.

also. Have you considered #crowdsec ?

Die Dunkel Cloud GmbH ist nun auch offizieller Partner von CrowdSec! Gemeinsam werden wir Unternehmen in #Edge und #Cloud noch besser vor Cyberangriffen schützen können. #DunkelCloud #CrowdSec

@jeff Recommend using #crowdsec. Threat IPs are never blocked for more than 72 hours unless they continue their bad behaviour.

Test de https://www.crowdsec.net/ sur 4 serveurs (1 gitlab / 2 wordpress / 1 haproxy...) pour remplacer fail2ban. C'est sympa à déployer, et ca fait le job... Reste à peaufiner en poussant les infos dans prometheus... Sinon leur interface de gestion WEB est bien foutu... A suivre... #crowdsec

So #crowdsec is pretty busy finding malicious actors. #mastoadmin #instance

#Crowdsec is already hard at work detecting malicious actors. 🌈 #mastoadmin

Thanks to the help of the #crowdsec support team, we finally have crowdsec up and running on our #mastodon instance. #mastoadmin #beekeepingninja

@GossiTheDog
Using #crowdsec could help mitigate that, wouldn't allow the attacker to attempt 200K logins. Even using rotating IP's etc..

Should I present @osintukraine at #FOSDEM and go about the #OpenSource stack making it possible?

Maybe talk about #crowdsec usage in this context. I haven't collected all the network anomalies and attacks/probe the project faced in almost a year but it could make an interesting talk. #Ukraine

Finally up and running #crowdsec #mastodon #kubernetes #traefik

Layers of security is best and one of those should be Crowdsec!
https://www.crowdsec.net/
#crowdsec

@nameLess Thanks! I hadn't heard of #CrowdSec. Fascinating. Do you know if IPs detected to CrowdSec get reported automatically to their network service providers, or can conscientious network service providers subscribe to reports about their IPs or something? Automatic reporting via CrowdSec would be great because then I could stop wasting time doing it by hand.

@jonn_blanchard
Lets keep them coming... at least something to do for my #Crowdsec instance. 😬