Boosting your Linux Server Security with CrowdSec

CrowdSec is a cutting-edge security solution for your Linux servers. As an intrusion prevention system, its goal is to stop unauthorized access and prevent attacks. But unlike other IPS solutions, it does it a different way – by using knowledge as power. CrowdSec was covered on this channel before, but in this video, you’ll see an updated look complete with an overview of how to set up protection for WordPress as well.

YouTube player

Notable Replies

  1. I have the following configuration for my website running on Apache web server:

    <Directory /var/www/wp-admin>
            Header unset Content-Security-Policy
            AuthType Basic
            AuthName "Unauthorized access is strictly prohibited. This website is the property of Grayson Peddie. Anyone attempting access to the server will be subjected to prosecution upon the full extent of the law. All authorized and unauthorized activities are monitored."
            AuthUserFile /etc/apache2/.htpasswd
            require valid-user
        </Directory>
    

    Is it possible for Crowdsec to guard against basic HTTP authentication? I have a ClassicPress website and I have HTTPS setup. I have two forms of usernames and passwords.

    For those wanting to learn more about ClassicPress:

    In general, ClassicPress is a fork of WordPress 4.9 but with security in mind.

  2. Avatar for jay jay says:

    I wonder if the Wordpress bouncer would be able to work here, if the plugin is supported. I would think that CrowdSec should be able to do what you want. But I’m more of a fan of testing scenarios in a sample setup to see what happens. For example, if your server is a VM, clone it, give it a different IP, and try hammering it with invalid passwords on purpose to see exactly what it does or doesn’t do. Only then can you truly know, and I usually place custom tests like that in a higher regard than documentation - the docs might claim that it supports something, but you’ll never truly know unless you see it work for yourself.

Continue the discussion at community.learnlinux.tv

Participants

Avatar for system Avatar for GraysonPeddie Avatar for jay