Appsec / NGinx / Distributed Network
Hi,
Quick question as I'm not sure at all...
I have a distributed network, with a "central" LAPI.
All bouncers and "distributed" LAPI connect to this "central LAPI".
The same for the bouncers, they all connect to the "central LAPI".
Do I need to setup the appsec component on the nginx bouncer to this central LAPI too ? With the APPSEC_URL= config...
The appsec acquis.d/appsec.yaml is configured everywhere, so I have everywhere the 7422 port open. But not sure where I have to connect with my nginx bouncer...
ATM I have setup to connect everything to the "central appsec" (port 7422), it's probably how it's supposed to work...
But then, can I remove the acquis.d/appsec.yaml configuration on each "distributed" node ?
4 Replies
Important Information
This post has been marked as resolved. If this is a mistake please press the red button below or type
/unresolve© Created By WhyAydan for CrowdSec ❤️
If you have a crowdsec local to the bouncer, feeding alerts back to the central lapi then you can use the appsec component on each indiviudal crowdsec level. However, this may become a pain for distributing rules (if using custom rules) then you can just do appsec on the central LAPI and expose it but then this may add some latency.
thx for the reply. It's a small network, atm I have connected everything to the central point and it seem to work fine.
I will stay that for now, but it's a good thing that I can come back to the local bouncer.
Resolving Appsec / NGinx / Distributed Network
This has now been resolved. If you think this is a mistake please run
/unresolve