I’ve installed crowsec on a self-hosting server I have at home. I have a https://jellyfin.org/ server there and whenever I try to access, after a few requests, the rule
crowdsecurity/http-crawl-non_statics is triggered. Two things I’d like to do :
- add whitelist to ignore URLs that have
- maybe improve
crowdsecurity/http-crawl-non_staticsdetection to not consider this as “bad traffic” (I can provide some nginx logs for this), where should I start for this ?
I’ve read https://doc.crowdsec.net/write_configurations/whitelist/ and https://doc.crowdsec.net/getting_started/concepts/#event and here is the pseudo code I though of :
reason: "ignore jellyfin" expression: - "'/jellyfin' in evt.Parsed.request"
One of the questions I have is, how do I do a list of whitelist rules ? (I currently have the default ‘private ipv4 ranges’)