feat(scenario): Use a default list for subscribed scenarios

CHANGELOG.md

@@ -5,6 +5,17 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en)
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+## [0.1.0](https://github.com/crowdsecurity/magento-cs-extension/releases/tag/v0.1.0) - 2023-07-12
+[_Compare with previous release_](https://github.com/crowdsecurity/magento-cs-extension/compare/v0.0.1...v0.1.0)
+
+
+### Changed
+
+- Use a default list for subscribed scenarios
+
+
+---
+
 ## [0.0.1](https://github.com/crowdsecurity/magento-cs-extension/releases/tag/v0.0.1) - 2023-07-11
 
 ### Added

Constants.php

@@ -49,5 +49,5 @@ class Constants extends CapiConstants
     /** @var string The user agent suffix used to send request to CAPI */
     public const USER_AGENT_SUFFIX = 'magento2';
     /** @var string The last version of this module */
-    public const VERSION = 'v0.0.1';
+    public const VERSION = 'v0.1.0';
 }

Setup/Patch/Data/CreateCmsBanBlock.php

@@ -142,7 +142,7 @@ public function apply()
 <div class="container">
     <div class="main">
         <h1>Your IP {{var ip}} has been blocked</h1>
-        <p>Find out if you are in CrowdSec community blocklist or simply blocked locally via :
+        <p>Find out if you are in CrowdSec community blocklist or simply blocked locally via:
             <a href="https://app.crowdsec.net/cti/{{var ip}}" target="_blank">CrowdSec CTI</a>
         </p>
     </div>

composer.json

@@ -2,7 +2,7 @@
     "name": "crowdsec/magento2-module-engine",
     "description": "This Magento 2 module allows sharing threat signal and benefit from the CrowdSec's community blocklist.",
     "type": "magento2-module",
-    "version": "0.0.1",
+    "version": "0.1.0",
     "minimum-stability": "stable",
     "license": "MIT",
     "authors": [

doc/USER_GUIDE.md

@@ -171,17 +171,13 @@ When a signal is sent, we use this setting to determine the ban duration (in sec
 ####  Decisions
 
 
-  In the `Decisons` part, you indicate which scenarios you wish to subscribe to in order to retrieve the community's decisions. You can also set whether you want to block banned IPs. Finally, you can set the cache used to store decisions.
+  In the `Decisons` part, you can define whether you want to block banned IPs and whether you want to ban IPs 
+  detected by local scenarios. Finally, you can configure the cache system used to store decisions.
 
 ![Decisions](images/screenshots/config-decisions.jpg)
 
 ***
 
-`Decisions → List of subscribed scenarios` (`global` scope)
-
-Selected scenarios will be used for pulling decisions from community blocklist.
-
-***
 
 `Decisions → Ban IP locally when a scenario triggers an alert` (`global` scope)
 

etc/adminhtml/system.xml

@@ -87,11 +87,6 @@
                 <label>Decisions</label>
                 <attribute type="expanded">1</attribute>
                 <comment><![CDATA[Decisions may come from the community blocklist or from local detection. Configure how you want to manage them.]]></comment>
-                <field id="subscribed_scenarios" translate="label,comment,tooltip" type="multiselect" sortOrder="100" showInDefault="1">
-                    <label>List of subscribed scenarios</label>
-                    <source_model>CrowdSec\Engine\Model\Config\Source\SubscribedScenario</source_model>
-                    <comment><![CDATA[Selected scenarios will be used for pulling decisions from community blocklist.]]></comment>
-                </field>
                 <field id="ban_locally" translate="label,comment,tooltip" type="select" sortOrder="200" showInDefault="1">
                     <label>Ban IP locally when a scenario triggers an alert</label>
                     <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>

etc/config.xml

@@ -52,7 +52,7 @@
             <decisions>
                 <bounce_ban>1</bounce_ban>
                 <subscribed_scenarios>
-                    <![CDATA[crowdsecurity/http-backdoors-attempts,crowdsecurity/http-bad-user-agent]]>
+                    <![CDATA[shield/markspam,crowdsecurity/http-crawl-non_statics,crowdsecurity/jira_cve-2021-26086,crowdsecurity/http-sensitive-files,crowdsecurity/http-backdoors-attempts,shield/btinvalidscript,shield/btxml,shield/btauthorfishing,crowdsecurity/http-bad-user-agent,crowdsecurity/fortinet-cve-2018-13379,crowdsecurity/pulse-secure-sslvpn-cve-2019-11510,crowdsecurity/f5-big-ip-cve-2020-5902,crowdsecurity/http-cve-2021-41773,crowdsecurity/http-cve-2021-42013,crowdsecurity/grafana-cve-2021-43798,crowdsecurity/apache_log4j2_cve-2021-44228,crowdsecurity/spring4shell_cve-2022-22965,crowdsecurity/CVE-2022-26134,crowdsecurity/CVE-2022-35914,crowdsecurity/CVE-2022-37042,crowdsecurity/CVE-2022-40684,crowdsecurity/CVE-2022-41082,crowdsecurity/CVE-2022-41697,crowdsecurity/CVE-2022-42889,crowdsecurity/CVE-2022-44877,crowdsecurity/CVE-2022-46169,crowdsecurity/http-generic-bf,crowdsecurity/netgear_rce,crowdsecurity/http-path-traversal-probing,crowdsecurity/http-open-proxy,crowdsecurity/http-probing,crowdsecurity/http-sqli-probing,crowdsecurity/CVE-2019-18935,crowdsecurity/thinkphp-cve-2018-20062,shield/ratelimit,shield/humanspam,crowdsecurity/vmware-vcenter-vmsa-2021-0027,crowdsecurity/vmware-cve-2022-22954,crowdsecurity/http-w00tw00t,crowdsecurity/http-xss-probing,drupal/core-ban,drupal/auth-bruteforce,drupal/4xx-scan,magento2/user-enum,magento2/pages-scan,crowdsecurity/http-logs]]>
                 </subscribed_scenarios>
                 <cache>
                     <technology>phpfs</technology>