Search Results

server { listen 443 ssl; server_name null.somedomain.name; ssl_certificate /etc/letsencrypt/somedomain.name/certificates/_.somedomain.name.crt; ssl_certificate_key /etc/letsencrypt/somedomain.name/certificates/_.s...

## # Server Signature ## more_set_headers "Server: <null>"; server_tokens off; ## # SSL Settings ## ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3 (POODLE), TLS 1.0, 1.1 ss...

Adding repository curl -s https://install.crowdsec.net | sudo sh Installing security engine apt install crowdsec Installing IPTABLES remediation component apt install crowdsec-firewall-bouncer-iptables Creating a whitelist for trusted sources cscli all...

The AppSec engine works as WAF analyzing traffic and blocking malicious activity based and on the predefined rule set of known attack vectors. Installing the ruleset cscli collections install crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic...

All the reports can be seen in the CrowdSec Alerts console

Don't forget to add a cronjob to update the signatures touch /usr/local/sbin/waf-update.sh chmod +x /usr/local/sbin/waf-update.sh nano -w /usr/local/sbin/waf-update.sh #!/bin/sh cscli appsec-rules upgrade -a --force crontab -u root -e 5 5 * * 0 /u...

More details here nano -w /etc/fail2ban/jail.local [nginx-bad-request] enabled = true port = http,https filter = nginx-bad-request logpath = %(nginx_error_log)s [nginx-botsearch] enabled = true port = http,https filter = nginx-botsearc...