False positive with http-crawl-non_statics?

I have a server inside company network that runs rocketchat and gitlab(with port mapped out of router). I found crowdsec seems to identify outside IP address of our company office at a different city as crowdsecurity/http-crawl-non_statics and blocked some of ports by netfilter bouncer. Is it intended?


It sounds like a false positive :frowning: would you mind sharing some (anonymized) logs with us so that we can look into it and see how we can reduce false positives? The workaround would be to have whitelists.

Let me know,