I have been running crowdsec on my OpenWRT firewall for a bit now, I am just curious as to what others think about it?

Thank you @irmadlad the webui you suggested is showing the logs a lot better than my vibe coded HA plug ins (both my ssh honey pot and my plug in showed nothing) looking over the logs shows so much activity that is happening.

  • SomeDudeFromSpace@lemmy.ml
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    7 hours ago

    I had it running in front of my Matrix server. With the default configuration it gave a lot of false positives, leaving friends out of the server. Also, most of my users use VPNs regularly, so geo-blocking was a hassle too. I tuned it a bit, but kept giving me headaches, so I ended up disabling it. I’ll spend more time tuning it someday.

    • talentedkiwi@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 hours ago

      Yeah, I keep getting myself blocked because of something I’m hosting is giving a lot of false positives. I suppose I’ll have to dig into it at some point. For now I just whitelist the IPs I use.

    • stratself@lemdro.id
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 hours ago

      I don’t think geoblocking would be a great fit for Matrix, since you’d be contacted by servers from all over the world. It’s more suitable for something like a static website