Fixed by myself, deleted directory and created a new captcha 
docker logs Crowdsec shows
sqlite is not using WAL mode
the Crowdsec doc say it would be ok to add
use_wal: true
to db_conig in user_yaml
Will this be ok, here?
I have not seen that before. Please try it
Accept the enrollment on crowdsec console
I did enroll and accepted it, it is shown on the ui. I do not see any alerts.
The decision list is empty.
oot@ubuntu-4gb-nbg1-2:~# docker exec -it crowdsec cscli metrics
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ Acquisition Metrics โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโค
โ Source โ Lines read โ Lines parsed โ Lines unparsed โ Lines poured to bucket โ Lines whitelisted โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโผโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโค
โ file:/var/log/traefik/access.log โ 95 โ 95 โ - โ 74 โ - โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโดโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโฏ
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ Local API Decisions โ
โโโโโโโโโโโโโโโโโโโฌโโโโโโโโโฌโโโโโโโโโฌโโโโโโโโค
โ Reason โ Origin โ Action โ Count โ
โโโโโโโโโโโโโโโโโโโผโโโโโโโโโผโโโโโโโโโผโโโโโโโโค
โ ssh:bruteforce โ CAPI โ ban โ 2699 โ
โ http:bruteforce โ CAPI โ ban โ 1432 โ
โ http:crawl โ CAPI โ ban โ 646 โ
โ http:exploit โ CAPI โ ban โ 8977 โ
โ http:scan โ CAPI โ ban โ 2546 โ
โฐโโโโโโโโโโโโโโโโโโดโโโโโโโโโดโโโโโโโโโดโโโโโโโโฏ
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ Local API Metrics โ
โโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโฌโโโโโโโค
โ Route โ Method โ Hits โ
โโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโผโโโโโโโค
โ /v1/allowlists โ GET โ 21 โ
โ /v1/heartbeat โ GET โ 20 โ
โ /v1/usage-metrics โ POST โ 1 โ
โ /v1/watchers/login โ POST โ 1 โ
โฐโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโดโโโโโโโฏ
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ Local API Machines Metrics โ
โโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโฌโโโโโโโโโฌโโโโโโโค
โ Machine โ Route โ Method โ Hits โ
โโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโผโโโโโโโโโผโโโโโโโค
โ localhost โ /v1/allowlists โ GET โ 21 โ
โ localhost โ /v1/heartbeat โ GET โ 20 โ
โฐโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโดโโโโโโโโโดโโโโโโโฏ
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ Parser Metrics โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโฌโโโโโโโโโฌโโโโโโโโโโโค
โ Parsers โ Hits โ Parsed โ Unparsed โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโผโโโโโโโโโผโโโโโโโโโโโค
โ child-crowdsecurity/http-logs โ 285 โ 230 โ 55 โ
โ child-crowdsecurity/traefik-logs โ 190 โ 95 โ 95 โ
โ crowdsecurity/dateparse-enrich โ 95 โ 95 โ - โ
โ crowdsecurity/geoip-enrich โ 95 โ 95 โ - โ
โ crowdsecurity/http-logs โ 95 โ 95 โ - โ
โ crowdsecurity/non-syslog โ 95 โ 95 โ - โ
โ crowdsecurity/public-dns-allowlist โ 95 โ 95 โ - โ
โ crowdsecurity/traefik-logs โ 95 โ 95 โ - โ
โ crowdsecurity/whitelists โ 95 โ 95 โ - โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโดโโโโโโโโโดโโโโโโโโโโโฏ
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ Scenario Metrics โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโฌโโโโโโโโโโโโโโโฌโโโโโโโโโฌโโโโโโโโโโค
โ Scenario โ Current Count โ Overflows โ Instantiated โ Poured โ Expired โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโผโโโโโโโโโโโโผโโโโโโโโโโโโโโโผโโโโโโโโโผโโโโโโโโโโค
โ crowdsecurity/http-crawl-non_statics โ 2 โ - โ 18 โ 43 โ 16 โ
โ crowdsecurity/http-probing โ 2 โ - โ 6 โ 29 โ 4 โ
โ crowdsecurity/http-sensitive-files โ - โ - โ 1 โ 2 โ 1 โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโดโโโโโโโโโโโโดโโโโโโโโโโโโโโโดโโโโโโโโโดโโโโโโโโโโฏ
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ Whitelist Metrics โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโฌโโโโโโโโโโโโโโค
โ Whitelist โ Reason โ Hits โ Whitelisted โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโผโโโโโโโโโโโโโโค
โ crowdsecurity/public-dns-allowlist โ public DNS server โ 95 โ - โ
โ crowdsecurity/whitelists โ private ipv4/ipv6 ip/ranges โ 95 โ - โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโดโโโโโโโโโโโโโโฏ
root@ubuntu-4gb-nbg1-2:~#
I do not find the error
Apply the crowdsec middleware to a resource using the middleware manager
You should see some entries like this in resources-override.yml
10-router-auth:
entryPoints:
- websecure
middlewares:
- crowdsec@file
- badger@http
priority: 100
rule: "Host(`YOUR_RESOURCE_DOMAIN`)"
service: "10-service@http"
tls:
certResolver: "letsencrypt"
If not the crowdsec isnโt applied to your incoming routers
I canโt access the MM dashboard. The following error message appears in the log, but unfortunately I donโt understand it with my limited abilities.
Initial resource check failed: failed to fetch resources: HTTP request failed: Get โ``http://pangolin:3001/api/v1/traefik-configโ:`` dial tcp 172.18.0.4:3001: connect: connection refused
Pangolin logs show api is started
2025-12-01T10:54:43+00:00 [info]: API server is running on http://localhost:3000
2025-12-01T10:54:43+00:00 [info]: Internal server is running on http://localhost:3001
After some minutes of wait, dashboard is reachable, I try
1 Like
Thank you for your patience and support.
I added the crowdsec bouncer to one resource, traefik dashboard shows the added middleware and no errors.
I added my IP, Step 14. Can see it in the decision list. The IP is not blocked, can access the resource
7-Calibre-router-auth-auth:
entryPoints:
- websecure
middlewares:
- crowdsec@file
- badger@http
priority: 100
rule: "Host(`xxxxxxxxxx`)"
service: "7-Calibre-service@http"
tls:
certResolver: "letsencrypt"
1 Like
its an overide file, its a separation from the main router/middleware we have to do to keep a track, what is your issue with it, anywhere it is causing a problem??
thankyou for explanation. Can I get rid off this override, please