-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support apache errors log and http basic bruteforce #53
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, did you had chance to check it doesn't conflict with nginx ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor questions, first review was a bit too quick
@@ -0,0 +1,15 @@ | |||
# 404 scan |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we want to add this into the generic http collection ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not yet since it will not work with nginx currently and the http collection is used by the nginx one
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are there plans on when that might be? It's nice that crowdsec is detecting those now but since they're not linked to a scenario, it's just detected but not remediated.
* fix the RDNS post overflow * up * update postoverflows * up new bouncers for wip_lapi * fix http logs enricher (#55) Co-authored-by: AlteredCoder <AlteredCoder> * fix statics ressources extensions list (#56) * fix index.json * update blockers.json * bump version * update the bouncer desc * update blockers * support apache errors log and http basic bruteforce (#53) * update .index.json * Add a Ci workflow to test all configurations (#60) * ci initial testing * test like this * typo * do the trick ? * fix ? * add id for having output * add the dispatch thingy * add first test * should be better * typo * typo * update to use junit output format * add ci display * fix simulation.yaml * upgrade github actions * trigger ci * simpler stuff ? * always run report * is this there ? * test * fix the .index.json file not found * add patterns * test * test ? * some debug * change the auth log * trigger * trigger * test * test like this * trigger * trigger * typo * trigger * trigger * try this * trigger * tst ? * test * hop * should be fine now * add result file * add a bunch of tests * typo * fix iptables test * add bucket input * update ban-defcon-drop_range.yaml * taxonomy generation (#61) update CI for crowdsec 1.0 * little cleanup on some stuff before 1.0 (#63) * little cleanup on some stuff before 1.0 * change branches on CI workflow * remove debug: true * remove duplicate debug * Update index Co-authored-by: AlteredCoder <AlteredCoder> Co-authored-by: GitHub Action <action@github.com> * fix scenario : ban-report-ssh_df (#66) Co-authored-by: erenJag <erenJag> Co-authored-by: Thibault bui Koechlin <thibault@crowdsec.net> * Update index Co-authored-by: Thibault bui Koechlin <thibault@crowdsec.net> Co-authored-by: AlteredCoder <64792091+AlteredCoder@users.noreply.github.com> Co-authored-by: AlteredCoder <AlteredCoder> Co-authored-by: GitHub Action <action@github.com> Co-authored-by: erenJag <64777133+erenJag@users.noreply.github.com>
This PR fix #50 #53 .