Blocking countries

Hi all.

crowdsec has a geoip-enrich parser, for geolocation detection. Can it be used to block all but the allowed countries?

Is there an example with a script?

This shouldn’t really be the use case for this. Since CrowdSec is reactive not proactive it means there will always be a single request that gets through.

A better fit would be to use an external firewall / application specific that can handle this.

The intended use of country was to detect DDOS from country publish a short term ban which then get handled by cloudflare bouncer (which currently is the only bouncer that support country bans)