After putting Crowdsec, another step on securing my server is to have a Web Application Firewall to protect against malicious attempts. I was wondering, how to make Crowdsec and a WAF communicate?
For example, how can the WAF indicate to Crowdsec that an IP made a malicious attempt? In case of ban, what is the standard ban procedure and unban?
I have checked the API and I thought of route /decisions, but no POST, only GET and DELETE.
Then maybe Data Source? Though from what I understand, data sources are a thread possibly whereas the WAF would be much more certain.
Lastly, there is the command line which is not convenient for external services.
Any suggestion on how to implement this?