bogdan/zira-etc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
f7af00565c7b8164993623a945b099ae1121d667
zira-etc/crowdsec/hub/scenarios/crowdsecurity/nginx-req-limit-exceeded.yaml
bms8197 f7af00565c committing changes in /etc made by "-bash" 
Package changes:
2023-06-12 09:31:52 +03:00

14 lines
325 B
YAML
Raw Blame History

type: leaky
#debug: true
name: crowdsecurity/nginx-req-limit-exceeded
description: "Detects IPs which violate nginx's user set request limit."
filter: evt.Meta.sub_type == 'req_limit_exceeded'
leakspeed: "60s"
capacity: 5
groupby: evt.Meta.source_ip
blackhole: 5m
labels:
service: nginx
type: bruteforce
remediation: true
Reference in New Issue View Git Blame Copy Permalink