Skip to content

v2.4.0 - AbuseIPDB Reporting

Latest

Choose a tag to compare

@wolffcatskyy wolffcatskyy released this 13 Mar 20:42

What's New

AbuseIPDB Reporting (Optional)

Automatically report banned IPs to AbuseIPDB with smart filtering:

  • Maps CrowdSec scenarios to AbuseIPDB categories (SSH brute force → Cat 22, HTTP probing → Cat 21, etc.)
  • Only reports local CrowdSec decisions (not CAPI/blocklist to avoid circular reporting)
  • Async fire-and-forget — never blocks the bouncer
  • Configurable confidence threshold and daily rate limit
  • Prometheus metrics: abuseipdb_reports_total, abuseipdb_reports_queued, abuseipdb_rate_limited_total

Configuration

Add to your config.yaml:

abuseipdb:
  enabled: true
  api_key: "your-key-here"
  report_confidence_min: 80
  daily_limit: 100

Full Changelog: v2.3.0...v2.4.0