Closed Victor-Hiya closed 3 months ago
Hi @Victor-Hiya,
I think you can already do this with the current version of the plugin.
The parameter is UpdateMaxFailure: Used only in stream and alone mode, the maximum number of times we cannot reach Crowdsec before blocking traffic (set -1 to never block)
As in the documentation, set it to -1 to never block, or to something like 100, so you block only after 100 times the update interval, which will allow you to notice if Crowdsec is not available for a long time.
Tell me if you think that can work for you. Best
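A small Go model of the failure counter described in the reply above, added here as an illustration and not taken from the plugin's source or from either participant. It assumes the counter tracks consecutive failed updates, resets on a successful update, and blocks once the count exceeds UpdateMaxFailure; `FailureGate`, `OutageTolerated` and `FirstBlockedTick` are hypothetical names.

```go
package main

import (
	"fmt"
	"time"
)

// FailureGate models the quoted rule (assumed semantics, not the plugin's code).
type FailureGate struct {
	MaxFailure int // -1 means never block, i.e. fail open indefinitely
	failures   int // consecutive failed LAPI updates
}

// RecordUpdate registers the outcome of one periodic decision refresh.
func (g *FailureGate) RecordUpdate(ok bool) {
	if ok {
		g.failures = 0 // a successful refresh clears the streak
		return
	}
	g.failures++
}

// Blocking reports whether requests would be rejected at this point.
func (g *FailureGate) Blocking() bool {
	return g.MaxFailure != -1 && g.failures > g.MaxFailure
}

// OutageTolerated returns how long the LAPI can stay unreachable before
// blocking starts; bounded is false when MaxFailure is -1.
func OutageTolerated(maxFailure int, interval time.Duration) (d time.Duration, bounded bool) {
	if maxFailure == -1 {
		return 0, false
	}
	return time.Duration(maxFailure) * interval, true
}

// FirstBlockedTick replays update results and returns the index of the first
// update after which traffic is blocked, or -1 if blocking never starts.
func FirstBlockedTick(maxFailure int, results []bool) int {
	g := FailureGate{MaxFailure: maxFailure}
	for i, ok := range results {
		if g.RecordUpdate(ok); g.Blocking() {
			return i
		}
	}
	return -1
}

func main() {
	outage := []bool{true, false, false, true, false, false, false} // constructed
	for _, m := range []int{0, 2, -1} {
		fmt.Printf("max=%d first blocked tick=%d\n", m, FirstBlockedTick(m, outage))
	}
}
```

With -1 the gate never closes, so decisions cached before the outage are the only ones enforced until the LAPI returns; a finite value bounds that window at roughly the value times the update interval.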
Hi @mathieuHa ,
Thanks a lot for the answer! Indeed, setting the updateMaxFailure parameter to -1 prevents the middleware from blocking the traffic, even if the LAPI is not available.
We will start using the plugin with this configuration for our HA environments.
Thanks!!
Is your feature request related to a problem? Please describe. 🐛
We are using the plugin in order to protect different Staging and Production environments from attacks. From time to time, the Crowdsec endpoint might be unavailable (due to updates, restarts, infra unavailability, networking issues, etc), and when this happens, all requests are banned (HTTP 403), because of the unreachable URL when the crowdsecQuery is executed. This is significantly impacting our uptime, and preventing the usage of the plugin in environments with high availability requirements.

Describe the solution you'd like ✨
I would like the Middleware to allow requests in case that any of the Crowdsec endpoints is unreachable. I think for most deployments it's better to shortly allow some traffic from a potentially malicious source rather than block all traffic.

Additional context
If you consider the solution to be valuable, I could help to implement the parameter. I think it shouldn't be a big change.