Crowdsec
I have crowdsec running on my server and when I try to access Immich it blocks me. I am wondering how others have gotten around this? I am not finding anything with my Google skills.
10 Replies
I think we have the same case. The solution for me is that I have created whitelist for immich, since the client sends multiple http request to the server , which triggers the http crawl
I believe you are correct. Do you mind sharing how you did your whitelist?
@rardxyz, thanks for your help I think I figured it out. I had to create a whitelist that watches for the /api/
Considering crowdsec advertise Zero false positives and it managed to block the communication between Traefik and Immich I don't believe them š - Removed it for now as the things it was flagging isn't stuff I care about so a bot tried to poke at a CVE in an application I'm not even running.
Do you guys have any extra logging active on Immich? Or how do you send the logs to Crowdsec?
I tried with connecting Docker logs to Crowdsec, but it rarely is any logs getting sent. š¤
Mine was using the traefik logs
Mine is not blocking Immich with the traefik logs. hmm
I just monitor my SWAG reverse proxy logs, and none of immich. I donāt know if I should be monitoring immich logs though
Maybe no need since there is no specific parser for it.
I just monitor my NGINX logs for now for most of my self hosted applications
I know this is an old post but i'm having similar issues. I've got my whitelist setup so it's not blocking me anymore which is nice. However i'm wondering if anyone here knows why it's generating 403's all over the place. I only see this behavior when served through my traefik proxy and i scroll too fast through the timeline.