blotus
blotus
Hello, If I understood correctly, I don't think it's possible. By default (on linux), we are using inotify to be notified of changes on a file. The notification does not...
/kind fix /area local-api
/kind enhancement
/kind chore
/kind enhancement /area appsec
Hello, This is already possible, using the `any` helper, for example with this parser whitelist (although it should probably be a postoverflow if you want to check a lot of...
Hello, Crowdsec should already be matching the content of the blocklist it pulls with the content of the allowlists to prevent this exact issue. If the allowlist is updated afterward,...
Your issue is likely not related to the allowlists. Looking again at what you've pasted, we can see the decision was correctly expired: ``` 368969241,lists,Ip:52.86.0.0/15,our-custom-blocklist,ban,,,0,-5h23m53s,false,1943512 ``` You can see the...
Hello, Sorry for not answering sooner. The quick fix if you are using nginx/openresty: you can disable the WAF at runtime by setting a nginx variable (see [here](https://docs.crowdsec.net/u/bouncers/nginx#nginx-variables)). The config...