CrowdSec
Description
Overview
CrowdSec on OneCloudPlanet — the modern fail2ban successor: it analyzes your service logs, blocks attackers and shares IP reputation with the community — millions of servers defend you.
What is CrowdSec?
An open source attack detection and blocking system: SSH brute-force, scan and web-exploit detectors; bouncers for firewall/nginx; shared blocklists — an IP that attacked anyone in the network is blocked preventively.
Why on OneCloudPlanet?
Collective immunity: ~70% of blocks are preventive, from shared lists.
Lightweight: runs beside your app even on a $6 instance.
Complements the free Firewall: Firewall closes ports, CrowdSec catches attacks on the open ones. See pricing.
How to launch
1) Sign in at console.ocplanet.cloud
2) Open Marketplace and choose CrowdSec
3) Pick a configuration and location
4) Wait for deploy
5) Change the default credentials
Post-deploy checklist
• Install collections for your stack (sshd, nginx, wordpress)
• Add a firewall bouncer
• Enroll in the CrowdSec console for shared lists
• Check decisions: cscli decisions list
FAQ
CrowdSec or fail2ban? CrowdSec sees not only your logs but collective attack data — blocking attackers before their first attempt on you.
Free? Yes, MIT; only extra cloud console features are paid.