CrowdSec

説明

Note: You must first have CrowdSec installed on your server. The installation is very simple.

CrowdSec is composed of a behavior detection engine, able to block classical attacks like credential bruteforce, port scans, web scans, etc.

Based on the type and number of blocked attacks, and after curation of those signals to avoid false positives and poisoning, a global IP reputation DB is maintained and shared with all network members.

This WordPress plugin is a “bouncer”, which purpose is to block detected attacks with two remediation systems: ban or challenge detected attackers with a Captcha.

CrowdSec

You can:

  1. Block aggresive IPs
  2. Display a captcha for less aggresive IPs

Get more info on the CrowdSec official website.

スクリーンショット

  • The general configuration page
  • Customize the wall pages - Adapt the "captcha wall" page text content with your own
  • Customize the wall pages - Adapt the "ban wall" page text content with your own
  • Customize the wall pages - Adapt the pages with your colors. You can also add custom CSS rules.
  • Advanced settings - Select the live or the stream mode. Select a cache engine (Classical file system, Redis or Memcached). Adjust the cache durations.
  • Advanced settings - Set the CDN or Reverse Proxies to trust.
  • The standard Captcha page
  • The standard Ban page
  • A Captcha wall page customization (text and colors)
  • A Ban wall page customization (text and colors)

FAQ

What do I need to make CrowdSec work?

  • You have to install a CrowdSec instance on this server.
  • You have to generate a bouncer key on the server on which CrowdSec is running.

評価

2件のレビューをすべて表示

貢献者と開発者

CrowdSec はオープンソースソフトウェアです。以下の人々がこのプラグインに貢献しています。

貢献者

“CrowdSec” をあなたの言語に翻訳しましょう。

開発に興味がありますか ?

コードを閲覧するか、SVN リポジトリをチェックするか、開発ログRSS で購読してみてください。

変更履歴

1.5 (2022-06-09)

  • Use cache instead of session to store some values

1.4 (2022-04-07)

  • Do not bounce PHP CLI

1.3 (2022-02-03)

  • Use static settings only in standalone mode

1.2 (2021-12-09)

  • Fix issue that cause warning message error on front in standalone mode
  • Fix behavior : bounce should not be done twice in standalone mode
  • Remove useless configuration to enable standalone mode

1.1 (2021-12-02)

  • Use 0.14.0 version of crowdsec php lib
  • Handle typo fixing for retro compatibility (flex_boucing=>flex_bouncing and normal_boucing=>normal_bouncing)
  • Split of debug in 2 configurations : debug and display_errors

1.0 (2021-06-24)

  • Add Standalone mode: an option allowing the PHP engine to no longer have to load the WordPress core during the
    bouncing stage. To be able to apply this mode, the webmaster has to set the auto_prepend_file PHP flag to the
    script we provide.
  • Add debug mode: user can enable the debug mode directly from the CrowdSec advanced settings panel. A more verbose log
    will be written when this flag is enabled.
  • Add WordPress 5.7 support
  • Add PHP 8.0 support

Read the full Changelog