I switched from fail2ban to crowdsec on my personal server when the 1.0 version has been released.
I enabled the ssh, http and mysql “collections” and iptable bouncer but I’m still missing something.
I’m using basic-auth on some parts of my nginx web server and I’d like to have a scenario to prevent nginx basic auth bruteforces.
I read the docs about how to create custom configurations but I don’t really understand where to begin, knowing that the nginx parsers etc should already be done and I could just convert the fail2ban jail to a crowdsec scenarios.
Can someone explain where to begin?