Question
I have been having a couple of issues with the current fail2ban implementation. this lead me to be looking at Crowdsec and wondered if anyone has any experience of Crowdsec?Anyone running on GridPane? If so, how is it?
Is Crowdsec something that might be integrated natively?
Response
Another Resposne to Question: I've looked at it, but didn't really like that it uses a plugin. More plugins equal more opportunity for an exploit.
True, more plugins increase the attack vector. However, this looks to be a helper plugin similar to LSCache plugin for Litespeed Caching. Which is required to integrate with WordPress, so it's a good thing they have a proper integration with WordPress.
Anyone running on GridPane? If so, how is it?
No, I have not used it with GridPane.
Is Crowdsec something that might be integrated natively?
Overall it looks superior to the current 6/7G firewall and even Modsec because it's crowd-sourcing intelligence data and is opensource and free to use. However, 7/6G and Modsec still offer great static rules and could be used in conjunction with a bit of tweaking.
I don't see a future for 6/7G because it's static, rarely updated, and requires care and feeding to ensure false positives aren't blocked. Oh, and the care and feeding is a technical penalty as you have to craft a workaround or search for one created by someone else.
The overall goal is a balance of ease to implement and manage while blocking most attacks (say 90%). This is great for smaller/medium traffic sites, and for larger, you will need to get to 95%+
Modsec is EOL 2024, and the coreruleset.org team is moving to Corza, which doesn't have support for Nginx yet https://coreruleset.org/20211222/talking-about-modsecurity-and-the-new-coraza-waf/
You can read more about Corza here https://coraza.io/
So what's left? Crowdsec, Corza or a Cloud WAF such as Cloudflare.
I'm all in Cloudflare, simply due to the continued improvements of their technology and services and ease of management.
I try to limit my care and feeding time so that I can focus my time on more essential tasks which I'm sure everyone can agree on.