You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: crowdsec-docs/docs/central_api/blocklist.md
+22-2Lines changed: 22 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,8 +12,8 @@ The "Community Blocklist" is a curated list of IP addresses identified as malici
12
12
# Community Blocklist Variation and Eligibility
13
13
14
14
The rules are different for free and paying users:
15
-
- Free users that **do not** contribute get the `Community Blocklist (Lite)`
16
-
- Free users that **do** contribute get access to the `Community Blocklist`
15
+
- Free users that **do not regularly** contribute get the `Community Blocklist (Lite)`
16
+
- Free users that **do regularly** contribute get access to the `Community Blocklist`
17
17
- Paying users get access to the `Community Blocklist (Premium)`, even if they don't contribute
18
18
19
19
Regardless of the blocklist "tier" you have access to (`Lite`, `Community`, `Premium`), each Security Engine gets a tailored blocklist based on the kind of behavior you're trying to detect.
@@ -38,3 +38,23 @@ The *Community Blocklist (Premium)* blocklist content has no size limit, unlike
38
38
Free users that are not actively contributing to the network or that have been flagged as cheating/abusing the system will receive the *Community Blocklist (Lite)*.
39
39
40
40
This Blocklist is capped at 3 thousand IPs.
41
+
42
+
## Why is my Security Engine on the Lite Blocklist?
43
+
44
+
This can vary from engine to engine, but the most common reasons are:
45
+
46
+
1. Your services are designed for self-hosting (videos, pictures, etc.) and are intended to be accessed only by a small group of people.
47
+
48
+
In this case, your services may not be well known to the internet at large, so you may see less malicious traffic than a more public service such as a blog or ecommerce site.
49
+
50
+
2. You already have a comprehensive security setup that reduces the need for the Community Blocklist. These measures can include:
51
+
- Geoblocking (restricting access to specific countries or your country of origin)
52
+
- IP whitelisting with a default deny-all policy
53
+
- VPN-only access
54
+
- Requiring authentication via an OAuth provider (e.g., Authentik, Authelia, Keycloak)
55
+
56
+
This simply a result of your security model and access requirements, its neither an issue with your setup nor a limitation on our end.
57
+
58
+
3. Your CrowdSec installation may not be configured to monitor all your services.
59
+
60
+
If you suspect this might be the case, refer to our [post-installation guide](/u/getting_started/next_steps) to ensure full coverage.
0 commit comments