git-dumper requests not being blocked despite sensitive-files scenario
Hi all,
I'm having the CrowdSec + nginx bouncer setup on a server with a publicly accessible
The nginx logs are correctly parsed and enriched (
The sensitive-files scenario
β s00-raw
| β
crowdsecurity/syslog-logs
| β
crowdsecurity/non-syslog (+5 ~8)
β s01-parse
| β crowdsecurity/nginx-logs (+23 ~2)
β s02-enrich
| β crowdsecurity/dateparse-enrich (+2 ~2)
| β crowdsecurity/geoip-enrich (+13)
| β crowdsecurity/http-logs (+7)
| β custom/whitelists (unchanged)
| β crowdsecurity/whitelists (unchanged)
β-------- parser success
β Scenarios
β crowdsecurity/http-crawl-non_statics
What could I be missing here? Do I need to customize the pattern list in the scenario? Or is this not covered by default?
Thanks!
I'm having the CrowdSec + nginx bouncer setup on a server with a publicly accessible
.git/git-dumperThe nginx logs are correctly parsed and enriched (
cscli explainThe sensitive-files scenario
crowdsecurity/http-sensitive-filesgit-dumpercscli explainhttp-crawl-non_staticshttp-sensitive-filesβ s00-raw
| β
crowdsecurity/syslog-logs| β
crowdsecurity/non-syslog (+5 ~8)β s01-parse
| β
crowdsecurity/nginx-logs (+23 ~2)β s02-enrich
| β
crowdsecurity/dateparse-enrich (+2 ~2)| β
crowdsecurity/geoip-enrich (+13)| β
crowdsecurity/http-logs (+7)| β
custom/whitelists (unchanged)| β
crowdsecurity/whitelists (unchanged)β-------- parser success
β Scenarios
β
crowdsecurity/http-crawl-non_staticsWhat could I be missing here? Do I need to customize the pattern list in the scenario? Or is this not covered by default?
Thanks!
