Crowdsec Alternatives

Reviews and mentions

• How secure is Openwrt out of the box?
  2 projects | reddit.com/r/openwrt | 28 Nov 2021

  Hello, it might be low tier question but i really want to know about securing openwrt, specially ssh port. Is it possible to implement Endlessh or CrowdSec (Endlessh preferred) in openwrt?

• Block GET requests that aren't to my website
  1 project | reddit.com/r/nginx | 26 Nov 2021

  I'd like to suggest CrowdSec for this. It's free and open source and based on crowdsourced threat intelligence. Think if it as an advanced version of fail2ban.

• Even large corporate institutions like McKinsey starts endorsing open-source...
  1 project | reddit.com/r/opensource | 23 Nov 2021

  I can totally relate to that as I also work at an open source project called CrowdSec. I really find it satisfying to support the community by giving them a good tool for free, no strings attached.

• Help! Left a SSH server with weak password&username. Checked logs and I'm getting brute forced.
  3 projects | reddit.com/r/sysadmin | 20 Nov 2021

  I'll suggest CrowdSec instead. It's free, open source and crowdsourced threat intelligence based IPS and IDS (and much more). Basically one of the ideas behind it was to create a modern version of fail2ban in that it's based on crowdsourced threat intelligence and capable of taking much more advanced decisions. The crowdsourced part means that it - like f2b parses logfiles and detects attacks. Then it sends anonymized, basic intelligence about those attacks to the rest of the ecosystem and downloads relevant blocklists so that bad guys are blocked before they get the chance to attack. On top of that it can detect portscannings and all sorts of ressource abuse like botscraping, creditcard stuffing, data exfiltration, and various web-attacks and block those attacks either on L3 or L7 using host firewalls or blocking directly in applications like wordpress, php web apps in general, nginx, Cloudflare or others. The sky is literally the limit here.

  3 projects | reddit.com/r/sysadmin | 20 Nov 2021

  Therefore I'll suggest looking into CrowdSec as an alternative. It's free, open source and crowdsouced and meant as a modern alternative to f2b; written in go so it's fast and capable of taking much more advanced decisions so that it can detect and prevent all sorts of resource abuse like L7 DDoS attacks (and prevent free anti-DDoS on Cloudflare), data exfiltration, bot scraping, credit card stuffing and much more.

• An actual secure selfhosted Reverse Proxy with cool stats?
  3 projects | reddit.com/r/selfhosted | 19 Nov 2021

  I would recommend looking at a tool like CrowdSec for that. You don't mention whether using traefik is a must or not but nginx is better supported (and traefik support is on it's way).

• Turning my raspberry pi into a web server (on the internet). Question about security.
  1 project | reddit.com/r/raspberry_pi | 19 Nov 2021

  Would you consider installing CrowdSec on your Amazon VPS instead? I ask because CrowdSec's using crowdsourced threat intelligence (and is free, open source and basically works as a modern and more advanced version of fail2ban) so I would really want you to donate your attack data. That could be really useful to the project.

• What are the best ways to prevent someone from hacking into your VPS?
  1 project | reddit.com/r/webdev | 15 Nov 2021

  Depending on what you want to do with your VPS, it might make sense to take a look at CrowdSec, which is free, open source, crowdsourced threat intelligence. Think of it as an improved and modern version of fail2ban (even though it can do so much more). The really cool thing about it is that is (anonymously) shares threat intelligence from all users so that attackers attacking others in the ecosystem will be automatically blocked. It does what you would expect fail2ban to do but has much more advanced logic and is capable of detecting abnormal behavior (using rulebased approach, no AI/ML ftw). That is a bit fluffy but it means that exfiltrating data, botscraping, DDoS and much more can also be detected and blocked either on L3 via host firewall (iptables, nftables or pf) or on L7 via nginx, cloudflare, wordpress, any php app and more.

• Wordpress failed login attempt on every user!
  1 project | reddit.com/r/selfhosted | 12 Nov 2021

  You could also try out CrowdSec; crowdsourced threat intelligence meant as a modern version of f2b sharing all user's collective threat intelligence by default and capable of doing much more intelligent decsisions like detect DDoS attacks and other sorts of abuse. The built-in Wordpress support protects wp-admin by default and is capable of 'flex blocking' e.g. forcing suspicious users through a CAPTCHA (rather than hard-blocking them).

• Mailx SMTP settings location
  1 project | reddit.com/r/linuxquestions | 12 Nov 2021

  I would say it depends on your threat analysis. If you’re afraid of anyone abusing your sendmail for spamming purposes I would say that you’re good to go. If you want to protect it towards a number of other threats, exploiting and god knows what you need something else, for instance CrowdSec which is a modern version of f2b using crowdsourced threat intelligence (and being way more advanced). Parsing postfix logs are supported out of the box (spammers are detected too) - so is blocking abuse via the host firewall on Linux and FreeBSD. Disclaimer: I am head of community at CrowdSec and an avid user myself. If you’re interested and wants to know more, please let me know. I’ll be more than happy to help you out in any way I can.

• security: is renaming wp-admin effective?
  2 projects | reddit.com/r/Wordpress | 12 Nov 2021

  CrowdSec could also do the trick - for free using open source. Disclaimer: I am head of community at CrowdSec and an avid user myself. If you’re interested to know more, let me know and I’ll be happy to help you out.

  2 projects | reddit.com/r/Wordpress | 12 Nov 2021

  I would also recommend CrowdSec with a Wordpress bouncer. I am head of community at CrowdSec and an avid user myself. CrowdSec is free, open source crowd sourced threat intelligence and meant to be a modern version of fail2Ban but ended up being so much more - among others native support for Wordpress, free to use.

• Please help with given task
  1 project | reddit.com/r/laravel | 11 Nov 2021

  I would definately suggest taking a look at CrowdSec also. It’s free and open source crowd sourced threat intelligence. In plain english it means that it’s a modern version of fail2ban that is able to do more advanced decisionmaking (like determining what is ‘normal’ webtraffic and block the rest). The crowd sourced part means that when it parses your log (same thing f2b does btw) it shares anonymized data on the attacks you’re seeing with the other CrowdSec users. Also it has a module for Cloudflare capable of providing you with free anti-DDoS on L7. Read about it here. And much more!

• Cloudflare privacy conscious alternatives?
  1 project | reddit.com/r/PrivacyGuides | 11 Nov 2021

  Thanks for mentioning CrowdSec here :-) It happens more and more so I guess we're doing something right.

• How do I protect against these intrusion attempts?
  1 project | reddit.com/r/webdev | 7 Nov 2021

  I would definately suggest taking a look at CrowdSec here. The original intention was to create a modern version of fail2ban - but is so much more. Let me try to explain how and what that means.