Crowdsec (#733)

Co-authored-by: Amitai Burstein <[email protected]>
Gizra · Nov 18, 2024 · 09fd86c · 09fd86c
1 parent 86b5b3d
commit 09fd86c
Show file tree

Hide file tree

Showing 7 changed files with 1,304 additions and 88 deletions.
diff --git a/README.md b/README.md
@@ -519,3 +519,10 @@ when a privileged user will login, they must enable their TFA. Otherwise, on a s
 login, they will already be blocked. A site admin may reset their validation tries
 under the `/admin/people` page.
 The TFA method that is enabled is one that uses Google authenticator (or similar).
+
+## WAF - Crowdsec
+
+It is recommended to use a proper WAF, either from Cloudflare, or from another vendor, but
+for smaller sites, it is not always possible.  [Crowdsec](https://www.crowdsec.net/) is integrated
+to protect the client sites from known malicious visitors. If used in conjuction with Cloudflare or with other type of gateway that hides the originating address,
+you need to make sure Drupal is aware of the real IP of the visitors.
diff --git a/composer.json b/composer.json
@@ -38,6 +38,7 @@
         "drupal/core-composer-scaffold": "^10",
         "drupal/core-project-message": "^10",
         "drupal/core-recommended": "^10.0",
+        "drupal/crowdsec": "^1.1",
         "drupal/default_content": "^2.0@alpha",
         "drupal/emptyparagraphkiller": "^2.0",
         "drupal/entity_browser": "^2.9",