
Protect Your WordPress Sites with CrowdSec


The CrowdSec team is expanding the capabilities of its free, open-source security solution by releasing a brand new application bouncer on the WordPress plugin marketplace. The bouncer is compatible with CrowdSec 1.0.x and later. Given that WordPress powers a large share of the world's websites, this addition broadens CrowdSec's defensive arsenal in its mission to defend as many people as possible.

First steps

This bouncer is designed to keep IPs that your CrowdSec agent or the community have flagged away from WordPress-hosted websites. To use it, the first step is to install CrowdSec v1.0.x (or later).

Download the release from GitHub: https://github.com/crowdsecurity/crowdsec/releases/tag/v1.0.4

The installation and configuration of the plugin can be done in a few clicks from the WordPress marketplace.


Please note that, first and foremost, CrowdSec must be installed on a server that the WordPress site can reach: the bouncer asks the API of your CrowdSec instance which IPs are flagged, so if that API is unreachable the bouncer has nothing to enforce. Remember: CrowdSec detects, bouncers deter.



Fortunately, this step is greatly facilitated by the solution's intuitive wizard.


Within ten minutes your WordPress site will be protected by the decisions shared by the CrowdSec user community, which now spans more than 70 countries and 400 cities.

The “Flex mode” - a bulwark against false positives

Thanks to "Flex mode", you avoid accidentally locking legitimate visitors out of your site. In this mode the bouncer never bans an IP outright: in the worst case it presents a captcha, which a human visitor can solve and a bot cannot. A false positive then costs a real user one click rather than access to the site.

CrowdSec blends into your design

When a visitor is suspected of being malicious, CrowdSec either presents a captcha to solve or simply a page stating that access is denied. All the colours of these pages can be customized in a few clicks so that they blend with your design, and all texts are fully customizable as well, so you can, for example, present the pages translated into your users' language.

The standard "Captcha wall" looks like this:

[Screenshot: the default captcha wall]

You can customize it as you like. Below is an example after playing a little with the colours and texts:

[Screenshot: a customized captcha wall]

The right balance between performance and security

By default, "live mode" is enabled. The first time an unknown IP connects to your website, the bouncer checks it directly against the API of your CrowdSec instance. The result is cached, so the rest of that visitor's browsing is served without further API calls until the cache entry expires; the cache is fully configurable.

You can also activate "Stream mode". In this mode a background task (cron) periodically pulls the list of malicious IPs from the API into the bouncer's cache, so visitor IPs are checked locally and even faster. If your site has many unique visitors at once, this also keeps your traffic from hammering the API of your CrowdSec instance. The trade-off is that a decision taken between two refreshes is not enforced until the next one, so choose the refresh interval accordingly.


If you have ever dealt with high traffic, you are probably familiar with Redis or Memcached. You can enable either of these cache back-ends in the CrowdSec bouncer settings so that the IP check adds no perceptible latency for your visitors.
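The three settings described above (Flex mode, live mode with its cache, and stream mode) boil down to a small amount of logic. The following Python script is an added illustration written for this article, not the WordPress plugin's own code; it assumes decisions shaped like the JSON the CrowdSec Local API returns and replaces the API with an in-memory stub (FakeLapi) so that it runs offline. The endpoint paths in the comments are the Local API's; the sample decisions and IP addresses are constructed.

```python
"""Live mode, stream mode and Flex mode of a CrowdSec-style bouncer.

Added illustration for this article, not the WordPress plugin's code.
Assumptions (not from the article): decisions are shaped like the JSON the
CrowdSec Local API returns ({"type": "ban"|"captcha", "scope": "Ip"|"Range",
"value": ..., "duration": "3h59m"}); the API is replaced by FakeLapi.
"""
import ipaddress
import re
import time

# Constructed sample decisions, as the Local API would return them.
SAMPLE_DECISIONS = [
    {"type": "ban", "scope": "Ip", "value": "203.0.113.7", "duration": "3h59m"},
    {"type": "captcha", "scope": "Range", "value": "198.51.100.0/24", "duration": "1h"},
]

_DURATION = re.compile(r"(\d+(?:\.\d+)?)([hms])")


def parse_duration(text):
    """'3h59m12.5s' -> seconds (CrowdSec durations use Go's h/m/s notation)."""
    unit = {"h": 3600, "m": 60, "s": 1}
    return sum(float(n) * unit[u] for n, u in _DURATION.findall(text))


def decision_matches(decision, ip):
    """True if the decision's scope (single IP or CIDR range) covers `ip`."""
    addr = ipaddress.ip_address(ip)
    if decision["scope"] == "Ip":
        return addr == ipaddress.ip_address(decision["value"])
    if decision["scope"] == "Range":
        return addr in ipaddress.ip_network(decision["value"], strict=False)
    return False  # other scopes are not IP-based


def strongest(decisions):
    """ban outranks captcha; no decision at all means bypass."""
    types = {d["type"] for d in decisions}
    if "ban" in types:
        return "ban"
    if "captcha" in types:
        return "captcha"
    return "bypass"


class FakeLapi:
    """Offline stand-in for the Local API; `calls` counts requests so the
    demo can show the load each mode generates."""

    def __init__(self, decisions):
        self.decisions = list(decisions)
        self.revoked = []  # decisions to report as deleted on the next stream pull
        self.calls = 0

    def decisions_for_ip(self, ip):
        # live mode: GET /v1/decisions?ip=<ip>
        self.calls += 1
        return [d for d in self.decisions if decision_matches(d, ip)]

    def stream(self):
        # stream mode: GET /v1/decisions/stream -> {"new": [...], "deleted": [...]}
        self.calls += 1
        return {"new": list(self.decisions), "deleted": list(self.revoked)}


class Bouncer:
    def __init__(self, lapi, mode="live", flex=False, cache_ttl=60, clock=time.time):
        self.lapi, self.mode, self.flex = lapi, mode, flex
        self.cache_ttl, self.clock = cache_ttl, clock
        self.cache = {}  # ip -> (raw remediation, expiry); Redis/Memcached in production
        self.stream_decisions = []

    def refresh_stream(self):
        """Run from a cron/background task in stream mode; applies the diff."""
        payload = self.lapi.stream()
        key = lambda d: (d["scope"], d["value"])
        drop = {key(d) for d in payload["deleted"]} | {key(d) for d in payload["new"]}
        self.stream_decisions = [d for d in self.stream_decisions if key(d) not in drop]
        self.stream_decisions.extend(payload["new"])

    def _raw_remediation(self, ip):
        if self.mode == "stream":
            # no API call on the request path: decisions are already local
            return strongest(d for d in self.stream_decisions if decision_matches(d, ip))
        now = self.clock()
        cached = self.cache.get(ip)
        if cached and cached[1] > now:
            return cached[0]
        decisions = self.lapi.decisions_for_ip(ip)
        remediation = strongest(decisions)
        ttl = self.cache_ttl
        if decisions:  # never cache a decision beyond its own expiry
            ttl = min(ttl, min(parse_duration(d["duration"]) for d in decisions))
        self.cache[ip] = (remediation, now + ttl)
        return remediation

    def remediation(self, ip):
        """What the visitor gets: 'bypass', 'captcha' or 'ban'."""
        remediation = self._raw_remediation(ip)
        if self.flex and remediation == "ban":
            return "captcha"  # Flex mode: never ban outright
        return remediation


if __name__ == "__main__":
    lapi = FakeLapi(SAMPLE_DECISIONS)
    live = Bouncer(lapi)
    for ip in ("203.0.113.7", "203.0.113.7", "198.51.100.42", "192.0.2.1"):
        print("live", ip, live.remediation(ip))
    print("API calls in live mode:", lapi.calls)
    streamed = Bouncer(FakeLapi(SAMPLE_DECISIONS), mode="stream", flex=True)
    streamed.refresh_stream()
    print("stream+flex", streamed.remediation("203.0.113.7"))
```

Run it and compare `lapi.calls`: in live mode every new IP costs one API request until its cache entry expires, while stream mode costs one request per cron refresh regardless of traffic. The script also shows the stream-mode caveat: only the `new` and `deleted` lists of each refresh keep the local copy current, so a ban issued between two refreshes is invisible until the next one. Swapping the `cache` dict for Redis or Memcached changes where the entries live, not this logic.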

CDN-friendly without forgetting other load balancers

If you use a CDN, a reverse proxy or a load balancer, you can now enter the IP ranges of these devices in the bouncer settings so that the bouncer can determine your users' real IP from the X-Forwarded-For header. For connections coming from any other address, the bouncer does not trust X-Forwarded-For and checks the connecting IP instead, since that header can be set to anything by the client.
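The proxy-trust rule above is the one place where a bouncer can be fooled into checking the wrong address, so it is worth seeing the logic spelled out. The function below is an added example written for this article in Python, not the plugin's code; the trusted ranges are constructed stand-ins for the CDN or load-balancer ranges you would enter in the settings.

```python
"""Which IP should the bouncer check when the site sits behind a proxy?

Added example for this article, not the WordPress plugin's code. The
trusted ranges are constructed; use the ranges of your own CDN / proxies.
"""
import ipaddress

# Constructed: the ranges of *your* CDN, reverse proxies or load balancers.
# Only connections arriving from these addresses may "speak for" the client
# through X-Forwarded-For.
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.0.2.0/24")]


def is_trusted(ip):
    """True if `ip` belongs to one of the configured proxy ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_PROXIES)


def client_ip(remote_addr, xff_header=None):
    """Return the address the bouncer should look up.

    remote_addr: the TCP peer (REMOTE_ADDR).
    xff_header:  raw X-Forwarded-For value, e.g. "203.0.113.5, 10.0.0.9".

    The chain is walked from the right (the hop closest to us first) and
    every trusted proxy is skipped; the first untrusted address is the
    client. If the peer itself is untrusted, X-Forwarded-For is under the
    client's control and is ignored entirely.
    """
    if not is_trusted(remote_addr) or not xff_header:
        return remote_addr
    hops = [h.strip() for h in xff_header.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            # malformed entry: do not guess, fall back to the peer address
            return remote_addr
        if not is_trusted(hop):
            return hop
    # every hop was one of our own proxies: the peer is as good as it gets
    return remote_addr


if __name__ == "__main__":
    # Constructed requests: (REMOTE_ADDR, X-Forwarded-For)
    samples = [
        ("203.0.113.9", "198.51.100.1"),                  # direct client spoofing XFF
        ("10.0.0.9", "198.51.100.77, 192.0.2.10"),        # client -> CDN -> our LB
        ("10.0.0.9", "198.51.100.200, 198.51.100.77"),    # attacker-prepended address
        ("10.0.0.9", None),                               # proxy without the header
    ]
    for peer, xff in samples:
        print(f"{peer:<14} XFF={xff!s:<32} -> check {client_ip(peer, xff)}")
```

Two details matter: the chain is walked from the right, so an attacker who prepends a fake address to X-Forwarded-For before reaching your CDN does not get to choose which IP is checked, and a connection that does not come from a trusted range keeps its connecting IP whatever the header says. Some CDNs also send a dedicated header with the client address (Cloudflare's CF-Connecting-IP, for example); apply exactly the same trust rule to it.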

Coming up next

Soon, the plugin will have a dashboard for visualizing the activity of your bouncer live. It will also be possible to connect directly to CrowdSec's global reputation database, without installing an agent on your machine if you prefer not to.

Widely tested, 100% open source

This plugin has been tested on the WordPress versions that account for the vast majority (90%+) of installations worldwide, according to WordPress real-time statistics. It has also been tested on a wide range of versions of PHP (7.2, 7.3, 7.4 and 8), the language WordPress is written in.


This plugin is released under the MIT license, one of the most permissive free software licenses. Its source code is fully available on GitHub.

You can discover the entire collection of CrowdSec bouncers on the Hub, where, beyond this new one, you will find more freshly released additions.
