- Issue created by @joergM
- 🇩🇪Germany jurgenhaas Gottmadingen
Sorry @joergM for my late response.
This is not a bug, this is how this is supposed to be working. It tells us (a) that your local environment works with IPv6 and (b) that something is creating too many 4xx requests to the site, which is recognized as malicious behaviour and the IP therefore gets banned for a period of time.
You can turn off the "whisper" monitoring in the crowdsec settings, if you don't bother about such behaviour. However, it is a pretty good feature to keep such requests away from your website, e.g. if somebody is testing all those
/wp-*
paths.Good practice seems to be, to only use the crowdsec module in production and not in local development environments, because there it is fairly expected that you get 4xx requests. Or you could use the config_split module and with that keep crowdsec enabled but disable the whisper module locally.
- Status changed to Postponed: needs info
over 1 year ago 4:46pm 14 February 2023