ban duration not applying

Hi! I changed the default ban duration in profiles.yaml to 12h but its still banning 4h. What am i missing? 😅

                                                                                                               
name: captcha_remediation
filters:
  - Alert.Remediation == true && Alert.GetScope() == "Ip" && Alert.GetScenario() contains "http"
decisions:
  - type: captcha
    duration: 12h
on_success: break

---
name: default_ip_remediation
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Ip"
decisions:
 - type: ban
   duration: 12h
on_success: break

---
name: default_range_remediation
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Range"
decisions:
 - type: ban
   duration: 12h
on_success: break

                                                                                                               
name: captcha_remediation
filters:
  - Alert.Remediation == true && Alert.GetScope() == "Ip" && Alert.GetScenario() contains "http"
decisions:
  - type: captcha
    duration: 12h
on_success: break

---
name: default_ip_remediation
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Ip"
decisions:
 - type: ban
   duration: 12h
on_success: break

---
name: default_range_remediation
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Range"
decisions:
 - type: ban
   duration: 12h
on_success: break

10 Replies

CrowdSec•4w ago

Important Information

Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please use run the command /resolve or press the green resolve button below.

Log Files

If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.

Guide Followed (CrowdSec Official)

If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.

Screenshots

Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.

DJKatastrofOP•4w ago

I changed the duration on my reverse proxy, not lapi server. If that helps

thatwhiff•4w ago

You need to change the duration on the LAPI and try reloading crowdsec & remediation component you are using

DJKatastrofOP•4w ago

so just copy my config and paste in on the lapi then? like this?

name: default_ip_remediation
#debug: true
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Ip"
decisions:
 - type: ban
   duration: 12h
notifications:
    - discord
on_success: break
---
name: default_range_remediation
#debug: true
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Range"
decisions:
 - type: ban
   duration: 12h 
on_success: break

name: default_ip_remediation
#debug: true
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Ip"
decisions:
 - type: ban
   duration: 12h
notifications:
    - discord
on_success: break
---
name: default_range_remediation
#debug: true
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Range"
decisions:
 - type: ban
   duration: 12h 
on_success: break

iiamloz•4w ago

the profiles are only evaluated on the LAPI node

DJKatastrofOP•4w ago

ah, do I need to put my capcha.html there as well? or no, only on the reverse proxy, nvm. So only change the profiles.yaml on the lapi node

iiamloz•4w ago

Yeah the reverse proxy will pull from the LAPI, so it only matters changing it there

DJKatastrofOP•4w ago

Thanks boss. Appreciate the answer

DJKatastrofOP•4w ago

DJKatastrofOP•4w ago

Working! thanks

Gaming

Programming

ban duration not applying

Did you find this page helpful?