Secure Nginx Proxy Manager Docker Instance with Crowdsec?

Hi,

Is it possible to secure a Docker instance of Nginx Proxy Manager with CrowdSec (natively installed on this Ubuntu 24.0.4 VPS server)?

I'm using this image for NPM: jc21/nginx-proxy-manager:latest

I learned that CrowdSec will not work with this jc21 image and you need to change the image to this one:
lepresidente/nginx-proxy-manager:latest

Doing this, I cannot log in to my NPM instance anymore, and when switching back to the jc21 image, the whole setup is not working anymore.

Is there a working way to get CrowdSec working with Nginx Proxy Manager?

Thanks

This is incorrect; it does work with the jc21 image. However, since the jc21 image does not ship with a remediation component installed, there is no way within that image to enforce decisions that CrowdSec makes (we can still parse the logs and make decisions, just no enforcement on that side, hence the paragraph below). Hence lepresidente has a fork of the image to do this. I see a lot of people are also turning to NPMPlus, maintained by another user.

Now you can use the Linux firewall remediation to enforce decisions, but this only works if you do not use an upstream proxy like Cloudflare, as when the proxy is enabled, at layer 3/4 all the firewall can see is the Cloudflare IP address, not the proxied IP that is at layer 7.

Sorry, I don’t understand your answer. What is possible with the jc21 image which is not possible or possible with the one from lepresidente? What are the advantages of lepresidente?
As mentioned, I already use CrowdSec with the firewall bouncer for the SSH service. No Cloudflare involved.

You can block requests within Nginx itself rather than relying on the firewall; this is only useful if you want to use captcha remediation.

If you already use the firewall bouncer then you can enable the DOCKER_USER chain within the configuration file; this will then start blocking requests that are proxied by Docker. As Docker uses NAT to expose services, you must enable this chain.

Sorry, I still do not get what the difference between the jc21 and the lepresidente image should be.
As mentioned, I use the jc21 image, with CrowdSec already installed on the machine, securing e.g. the SSH service.
Firewall bouncer enabled. UFW + ufw-docker enabled on the host.

Would be great if anyone could explain more.

The difference is that the jc21 image does not have this remediation component installed within it, as the lepresidente fork does.

If you don't use an upstream proxy like Cloudflare then you can just use the jc21 image, point CrowdSec towards the logs, enable the DOCKER_USER chain within the firewall bouncer configuration, and that's it.

You don't have to use the lepresidente fork; it's just there as an option if you do use an upstream proxy like Cloudflare.
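
A check for the setup described in the reply above (jc21 image plus the host firewall bouncer), as an added example that is not part of the original thread: it parses the bouncer's `iptables_chains` list and reports whether Docker's chain is active. It assumes the bouncer runs in iptables mode, that the chain is spelled `DOCKER-USER` as Docker names it, and the config path given in the comment; the sample config is constructed.

```bash
#!/usr/bin/env bash
# Added example: is the CrowdSec firewall bouncer set to filter Docker-published ports?
# Docker's own chain is named DOCKER-USER (with a hyphen).

# Print the active (uncommented) entries of the iptables_chains list, one per line.
active_chains() {
  awk '
    /^iptables_chains:/ { in_list = 1; next }
    in_list && /^[ \t]*#/ { next }              # commented-out entry
    in_list && /^[ \t]*-[ \t]*/ {               # list item
      sub(/^[ \t]*-[ \t]*/, "")
      sub(/[ \t]*(#.*)?$/, "")                  # trailing spaces / comment
      print; next
    }
    in_list && /^[^ \t]/ { in_list = 0 }        # next top-level key ends the list
  ' "$1"
}

# Exit status 0 if DOCKER-USER is active in the given config, 1 otherwise.
docker_user_enabled() {
  active_chains "$1" | grep -qx 'DOCKER-USER'
}

# Human-readable verdict for one config file.
report() {
  if docker_user_enabled "$1"; then
    echo "OK: bouncer also filters traffic forwarded to containers"
  else
    echo "GAP: only [$(active_chains "$1" | paste -sd, -)] active; container ports bypass the ban list"
  fi
}

# Constructed sample with the Docker chain still commented out; on a real host
# pass the bouncer's own file as $1 instead (assumed path:
# /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml).
sample=$(mktemp)
cat > "$sample" <<'EOF'
mode: iptables
iptables_chains:
  - INPUT
#  - FORWARD
#  - DOCKER-USER
deny_action: DROP
EOF
report "${1:-$sample}"
rm -f "$sample"
```

The bouncer has to be restarted after the chain list is changed before the new chain takes effect.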

OK, got that the jc21 image works.

But I am still missing what the advantage of this remediation component is, besides supporting Cloudflare.