- 
                Notifications
    You must be signed in to change notification settings 
- Fork 3.3k
Description
Is your feature request related to a problem? Please describe.
I would like to add protection for sites to NPM and be able to block IP's based on reputation/scenario using Crowdsecurity https://github.com/crowdsecurity which is a log analyzer and reactive firewall, something like fail2ban but in a much modern architecture and suitable for the containers world and having a distributed banlist generated from users around the world.
The question/feature request is how/where to add the https://github.com/crowdsecurity/cs-nginx-bouncer module to nginx config.
This bouncer leverages nginx lua's API, namely access_by_lua_file.
New/unknown IPs are checked against crowdsec API, and if request should be blocked, a 403 is returned to the user, and put in cache. The exact desired action can be configured in Crowdsec, like displaying captcas etc.
Describe the solution you'd like
I would like to have an easy way (example maybe) to deploy the bouncer without breaking things in npm.
Describe alternatives you've considered
None so far since it might take you minutes to offer a solution and it would take me hours to tweak things and break them :)
Additional context
Please have a look at https://crowdsec.net/  to understand what is crowdsec and how it works.
I use jc21/nginx-proxy-manager:latest for NPM and https://github.com/crowdsecurity/crowdsec/tree/master/docker for Crowdsec containers analyzing the nginx logs allready written by NPM on disk (docker map volumes ./npm_data/logs/:/var/log/nginx/ and have a quick look at acquis.yaml which tells crowdsec which logs to parse, mine looks like this):
`filenames:
- /var/log/nginx/*.log
 labels:
 type: nginx`
Thank you and hope you'd consider this as a valuable addition to NPM