IP got blocked by crowdsec instead of showing captcha (cs-php-bouncer)

Hi,

I have installed crowdsec (version: v1.2.0-0ecfe7568790a15791011da27eb24e96e7d4a39f) and crowdsec-firewall-bouncer, and the IP got blocked by crowdsec instead of showing captcha with cs-php-bouncer. If crowdsec-firewall-bouncer disabled, captcha does not show.

What can be wrong?

Hello @gergely ,

The cs-php-bouncer does not automatically return a captcha.
There is two way to do this:

  • You modify the profile (/etc/crowdsec/profiles.yaml) of your local API to generate decisions with captcha (like in this tutorial: Protect your PHP websites with CrowdSec - The open-source & collaborative security solution)
    Note: If you have a decision with a ban and another decision with a captcha for the same IP, the decision with the ban will be apply in priority
  • You can configure your bouncer to always return a captcha by adding this configuration 'max_remediation_level' => 'captcha' in the /usr/local/php/crowdsec/settings.php