feat(crowdsec): 启用验证码挑战
这个提交包含在:
@@ -62,6 +62,7 @@ spec:
|
|||||||
data:
|
data:
|
||||||
enabled: false
|
enabled: false
|
||||||
config:
|
config:
|
||||||
|
# api config.yaml配置
|
||||||
config.yaml.local: |
|
config.yaml.local: |
|
||||||
db_config:
|
db_config:
|
||||||
type: postgresql
|
type: postgresql
|
||||||
@@ -71,6 +72,32 @@ spec:
|
|||||||
user: app
|
user: app
|
||||||
password: nyrHzh9WWlDZzvVw7bDFo74gKb9zsls0Sy7OwRTDWiRTNPQQQkW85taUFAoX2AIC
|
password: nyrHzh9WWlDZzvVw7bDFo74gKb9zsls0Sy7OwRTDWiRTNPQQQkW85taUFAoX2AIC
|
||||||
sslmode: require
|
sslmode: require
|
||||||
|
# api profiles.yaml配置
|
||||||
|
profiles.yaml:
|
||||||
|
name: captcha_remediation
|
||||||
|
filters:
|
||||||
|
- Alert.Remediation == true && Alert.GetScope() == "Ip" && Alert.GetScenario() contains "http" && GetDecisionsSinceCount(Alert.GetValue(), "24h") <= 3
|
||||||
|
decisions:
|
||||||
|
- type: captcha
|
||||||
|
duration: 4h
|
||||||
|
on_success: break
|
||||||
|
---
|
||||||
|
name: default_ip_remediation
|
||||||
|
filters:
|
||||||
|
- Alert.Remediation == true && Alert.GetScope() == "Ip"
|
||||||
|
decisions:
|
||||||
|
- type: ban
|
||||||
|
duration: 4h
|
||||||
|
on_success: break
|
||||||
|
---
|
||||||
|
name: default_range_remediation
|
||||||
|
filters:
|
||||||
|
- Alert.Remediation == true && Alert.GetScope() == "Range"
|
||||||
|
decisions:
|
||||||
|
- type: ban
|
||||||
|
duration: 4h
|
||||||
|
on_success: break
|
||||||
|
# agent parsers 配置
|
||||||
parsers:
|
parsers:
|
||||||
s01-parse:
|
s01-parse:
|
||||||
# 新增nginx json日志解析
|
# 新增nginx json日志解析
|
||||||
|
|||||||
在新议题中引用
屏蔽一个用户