CloudPanel and CrowdSec Integration

Experience the seamless web server management of CloudPanel while enhancing your security with the real-time benefits of CrowdSec. By integrating CrowdSec into CloudPanel, you can effortlessly manage your web server while fortifying its security. This powerful combination simplifies web server management and strengthens its defenses, providing a hassle-free hosting experience. With CloudPanel and CrowdSec working together, you can confidently focus on creating exceptional applications, knowing that your web server is in capable hands.

Installation Steps

Installing CloudPanel

To begin, start with a fresh Ubuntu 22.04 LTS server. If you haven’t installed CloudPanel on your server yet, please follow our comprehensive CloudPanel installation guide and to quickly have it installed.

Installing CrowdSec

The installation process for CrowdSec is straightforward and can be completed in three simple steps:

Installing CrowdSec Repository

To install the CrowdSec repository, execute the following command as a sudo user:

curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash

Installing CrowdSec

Once the repository is added, execute the following command to install CrowdSec:

apt install crowdsec

Installing a Remediation Component

After installing CrowdSec, we need to install a firewall bouncer by running the following command:

apt install crowdsec-firewall-bouncer-iptables

Resolving Potential Port Conflicts and Configuring CrowdSec for Smooth Operation

Modifying Configuration Files

A few changes need to be made to the default configuration files:

• /etc/crowdsec/config.yaml
• /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
• /etc/crowdsec/local_api_credentials.yaml

To modify the config.yaml file, follow these straightforward steps:

1. Open your preferred text editor and navigate to the config.yaml file, located at /etc/crowdsec/config.yaml.
2. Locate the line that reads listen_uri: 127.0.0.1:8080 within the file.
3. Modify the line to listen_uri: 127.0.0.1:8081. This change will ensure that CrowdSec listens on port 8081 instead of the conflicting port.
4. Save the changes to the config.yaml file.

Your modified config.yaml file should now resemble the following:

To modify the crowdsec-firewall-bouncer.yaml file, follow these straightforward steps:

1. Open your preferred text editor and navigate to the crowdsec-firewall-bouncer.yaml file, located at /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml.
2. Locate the line that reads api_url: http://127.0.0.1:8080/ within the file.
3. Modify the line to api_url: http://127.0.0.1:8081/.
4. Save the changes to the crowdsec-firewall-bouncer.yaml file.

Your modified crowdsec-firewall-bouncer.yaml file should now resemble the following:

To modify the local_api_credentials.yaml file, follow these straightforward steps:

1. Open your preferred text editor and navigate to the local_api_credentials.yaml file, located at /etc/crowdsec/local_api_credentials.yaml.
2. Locate the line that reads url: http://127.0.0.1:8080 within the file.
3. Modify the line to url: http://127.0.0.1:8081.
4. Save the changes to the local_api_credentials.yaml file.

Your modified local_api_credentials.yaml file should now resemble the following:

Restarting Services

Once the configuration files are updated, restart the services by executing the following commands:

systemctl restart crowdsec-firewall-bouncer
systemctl restart crowdsec

To verify the status of the CrowdSec service, execute service crowdsec status. You should see an output indicating the status of the service.