mirror of
https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin.git
synced 2025-11-08 15:15:05 +01:00
* ✨ Add wicketkeeper captcha * ✨ Anom config * 🍱 fix readme * 🍱 fix lint * 🍱 fix lint * 🍱 normalize * 🍱 fix lint * 🍱 fix lint * ✨ Add env for RemediationStatusCode (#250) * ✨ Add env for defaultStatusCode * 📝 doc * ✨ change name of the parameter * 🔧 Add config check * fix lint * 📈 Report traffic dropped metrics to LAPI (#223) * Initial implementation * fix * fixes * Fixes * xx * progress * xx * xx * xx * fix linter * Progress * Fixes * xx * xx * Remove trace logger * Last fix * fix lint * fix lint * fix lint --------- Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com> * ✨ Anom config * 🍱 fix readme * 🍱 fix lint * 🍱 normalize * 🍱 fix lint * 📝 Add documentation * 📝 Fix example and makefile and doc for wicketkeeper * 🍱 fix last things * 🍱 add disclaimer to use maxlerebourg docker image * 🍱 Use official wicketkeeper image * 🍱 revert unnecessary code * 🍱 fix --------- Co-authored-by: David <deivid.garcia.garcia@gmail.com> Co-authored-by: max.lerebourg <max.lerebourg@monisnap.com> Co-authored-by: mhx <mathieu@hanotaux.fr>
Example
Enabling the AppSec WAF feature from CrowdSec
Most of the setup is on the CrowdSec side: enable virtual patching and configure some custom rules. This example uses a whoami container protected by CrowdSec with virtual patching enabled.
The Traefik instance only needs to know where the AppSec engine is located:
labels:
- "traefik.http.middlewares.crowdsec-bar.plugin.bouncer.crowdsecappsecenabled=true"
- "traefik.http.middlewares.crowdsec-bar.plugin.bouncer.crowdsecappsechost=crowdsec:7422"
First, query the whoami server normally:
curl http://localhost:8000/foo
Then verify that a malicious request is blocked:
curl http://localhost:8000/foo/rpc2
You should get a 403 on http://localhost:8000/foo/rpc2
To start the demo environment, run:
make run_appsec
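Once the demo is running, the two curl checks above can be scripted so that a silent fail-open (the /foo/rpc2 request reaching whoami) is told apart from the demo simply being down. This is an added example, not part of the plugin repository; it assumes the benign request returns 200 from whoami, and the file name appsec_smoke.sh is hypothetical.

```sh
#!/bin/sh
# Added example (not from the plugin repository): smoke test for the AppSec demo.
# The base URL and the /foo and /foo/rpc2 paths come from the curl commands above.
BASE_URL="${BASE_URL:-http://localhost:8000}"

# Print the HTTP status code for a URL. curl prints 000 when it received
# no HTTP response at all (Traefik down, wrong port, timeout).
http_status() {
  curl -s -o /dev/null -w '%{http_code}' --max-time 5 "$1" || true
}

# verdict <label> <expected> <actual>
# Print a diagnosis and return 0 only when the status matches.
verdict() {
  if [ "$3" = "$2" ]; then
    echo "PASS $1: got $3"
    return 0
  fi
  case "$2:$3" in
    *:000)   echo "FAIL $1: no HTTP response, is the demo running?" ;;
    403:2*)  echo "FAIL $1: got $3, request reached whoami, AppSec is not enforcing" ;;
    200:403) echo "FAIL $1: got 403, benign request was blocked" ;;
    *)       echo "FAIL $1: expected $2, got $3" ;;
  esac
  return 1
}

# Run both checks from the walkthrough; return non-zero if either fails.
# Assumption: whoami answers the benign request with 200.
run_checks() {
  rc=0
  verdict "benign /foo" 200 "$(http_status "$BASE_URL/foo")" || rc=1
  verdict "malicious /foo/rpc2" 403 "$(http_status "$BASE_URL/foo/rpc2")" || rc=1
  return "$rc"
}

# Only touch the network when asked to: sh appsec_smoke.sh --run
if [ "${1:-}" = "--run" ]; then
  run_checks
  exit $?
fi
```

The non-zero exit status makes the script usable as a gate after changing the middleware labels or the CrowdSec rules.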