Module for the Apache HTTP Web Server that allows filtering of unwanted web traffic.
Use with the Crowdsec API service to filter unwanted traffic from a website or application fronted by Apache httpd.
When blocked, requests will return 302 Temporary Redirect to the fully qualified URL specified in the CrowdsecLocation directive. The URL is interpreted using the expression API allowing the interpretation of variables in the request. If CrowdsecLocation points at a relative URL, we return an internal redirect to the specified path.
If the CrowdsecLocation directive is not specified, we return 429 Too any Requests, as defined in RFC6585. This response can be further customised into a fixed response or an URL or path to redirect to by using the ErrorDocument directive in Apache httpd. Full details for customising the error handling can be found here: Custom Error Responses
To build debian package:
dpkg-buildpackage -us -ucInstallation
sudo dpkg -i crowdsec-apache2-bouncer_1.0.0_amd64.deb
sudo a2enmod mod_crowdsecConfiguration file is in /etc/crowdsec/bouncers/crowdsec-apache2-bouncer.conf :
## Basic configuration
CrowdsecURL http://127.0.0.1:8081
CrowdsecAPIKey this_is_a_bad_password
# Behavior if we can't reach (or timeout) LAPI
# block | allow | fail
CrowdsecFallback block
# Target location for blocked requests. If not set, the default is to return HTTP 429
#CrowdsecLocation /denied
## Cache configuration
# Cache engine used
CrowdsecCache shmcb
# Expiration in seconds
CrowdsecCacheTimeout 60
You then need to add Crowdsec on to the relevant locations.