Hello, i am quite new to crowdsec an really like it.
Until recently i used fail2ban on my infrastructure and migrated (and extended) everything to crowdsec.
The only thing i am missing so fare, or perhaps overlooked, is an increment option to extend the ban time for an offender each time it comes back.
Is there anything comparable in crowdsec?
In a way there is: the ips that are deemed bad by the cloud are tested right before they’re about to expire so that they don’t until they stop attacking.
On local bans there isn’t this possibility. Instead you can tweak your profiles.yaml a bit. In the docs it doesn’t seem to show similar options but I won’t rule out that it’s possible. That corner of the docs aren’t the most developed Format | CrowdSec