CrowdSec Manager is a web-based management interface for CrowdSec operations, Traefik integration, decisions, scenarios, backups, and logs.
- Current baseline:
2.0.0 - Multi-proxy support: not available in this release
Click below to download the app to your mobile device, tablet:
| Screenshot File | Page |
|---|---|
alerts-analysis-filters.jpeg | Alerts Analysis (filters panel) |
alerts-analysis-inspect-modal.jpeg | Alerts Analysis (inspect modal) |
alerts-analysis-overview.jpeg | Alerts Analysis (overview charts) |
alerts-analysis-results-table.jpeg | Alerts Analysis (results table) |
allowlists-management.jpeg | Allowlists Management |
backup-management.jpeg | Backup Management |
bouncers-management.jpeg | Bouncers Management |
captcha-protection-detect.jpeg | Captcha Protection (detect) |
config-validation.jpeg | Config Validation |
configuration-settings.jpeg | Configuration Settings |
crowdsec-health-overview.jpeg | CrowdSec Health Overview |
dashboard-overview-countries-systems.jpeg | Dashboard (countries and systems) |
dashboard-overview-scenarios-blocked-ips.jpeg | Dashboard (scenarios and blocked IPs) |
decisions-analysis-overview.jpeg | Decisions Analysis (overview) |
decisions-results-table.jpeg | Decisions Analysis (results table) |
health-diagnostics-overview.jpeg | Health and Diagnostics |
hub-appsec-configurations.jpeg | Hub Browser (AppSec configurations) |
hub-appsec-rules.jpeg | Hub Browser (AppSec rules) |
hub-collections.jpeg | Hub Browser (collections) |
hub-home-categories.jpeg | Hub Browser (home categories) |
hub-log-parsers.jpeg | Hub Browser (log parsers) |
hub-postoverflows.jpeg | Hub Browser (postoverflows) |
hub-remediation-components.jpeg | Hub Browser (remediation components) |
hub-scenarios-install-mode.jpeg | Hub Browser (scenarios install mode) |
ip-management.jpeg | IP Management |
logs-service-logs.jpeg | Logs (service logs) |
notifications-detect.jpeg | Notifications (detect) |
scenarios-management.jpeg | Scenarios Management |
services-management.jpeg | Services Management |
system-update.jpeg | System Update |
terminal-container-shell.png | Terminal (container shell) |
whitelist-management.jpeg | Whitelist Management |
services: tailscale: image: tailscale/tailscale:latest container_name: tailscale-crowdsec hostname: crowdsec-manager-ts # The name that will appear in your Tailscale admin panel environment: - TS_AUTHKEY= - TS_STATE_DIR=/var/lib/tailscale volumes: - tailscale-data:/var/lib/tailscale - /dev/net/tun:/dev/net/tun cap_add: - net_admin - sys_module ports: - "8080:8080" networks: pangolin: aliases: - crowdsec-manager # Ensures other containers on the network can still reach it by its original name! restart: unless-stopped crowdsec-manager: image: hhftechnology/crowdsec-manager:latest container_name: crowdsec-manager network_mode: service:tailscale # This is the magic: it merges networking with the Tailscale container depends_on: - tailscale restart: unless-stopped # 'expose' and 'networks' are removed here because Tailscale manages the network connection now environment: # Core Configuration - PORT=8080 - ENVIRONMENT=production - TRAEFIK_DYNAMIC_CONFIG=/etc/traefik/dynamic_config.yml - TRAEFIK_CONTAINER_NAME=traefik - TRAEFIK_STATIC_CONFIG=/etc/traefik/traefik_config.yml - CROWDSEC_METRICS_URL=http://crowdsec:6060/metrics volumes: - /var/run/docker.sock:/var/run/docker.sock - /root/config:/app/config - /root/docker-compose.yml:/app/docker-compose.yml - ./backups:/app/config/backups - ./data:/app/data networks: pangolin: external: true volumes: tailscale-data:mkdir -p ./backups ./data docker network create pangolin docker compose up -dcurl http://localhost:8080/healthBase prefix: /api
GET /api/health/stackGET /api/health/crowdsecGET /api/health/complete
GET /api/ip/publicGET /api/ip/blocked/:ipGET /api/ip/security/:ipPOST /api/ip/unban
GET /api/whitelist/viewPOST /api/whitelist/currentPOST /api/whitelist/manualPOST /api/whitelist/cidrPOST /api/whitelist/crowdsecPOST /api/whitelist/traefikPOST /api/whitelist/comprehensiveDELETE /api/whitelist/remove
GET /api/allowlist/listPOST /api/allowlist/createGET /api/allowlist/inspect/:namePOST /api/allowlist/addPOST /api/allowlist/removeDELETE /api/allowlist/:name
POST /api/scenarios/setupGET /api/scenarios/listGET /api/scenarios/filesDELETE /api/scenarios/file
POST /api/captcha/setupGET /api/captcha/statusGET /api/captcha/detectPOST /api/captcha/configPOST /api/captcha/apply
GET /api/logs/crowdsecGET /api/logs/traefikGET /api/logs/traefik/advancedGET /api/logs/:serviceGET /api/logs/stream/:serviceGET /api/logs/structured/:service
GET /api/backup/listPOST /api/backup/createPOST /api/backup/restoreDELETE /api/backup/:idPOST /api/backup/cleanupGET /api/backup/latest
GET /api/update/checkPOST /api/update/with-crowdsecPOST /api/update/without-crowdsec
GET /api/services/verifyPOST /api/services/shutdownPOST /api/services/action
GET /api/crowdsec/bouncersPOST /api/crowdsec/bouncersDELETE /api/crowdsec/bouncers/:nameGET /api/crowdsec/decisionsPOST /api/crowdsec/decisionsDELETE /api/crowdsec/decisionsPOST /api/crowdsec/decisions/importGET /api/crowdsec/decisions/analysisGET /api/crowdsec/alerts/analysisGET /api/crowdsec/alerts/:idDELETE /api/crowdsec/alerts/:idGET /api/crowdsec/metricsPOST /api/crowdsec/enrollPOST /api/crowdsec/enroll/finalizeGET /api/crowdsec/enroll/preferencesPUT /api/crowdsec/enroll/preferencesGET /api/crowdsec/status
GET /api/traefik/configGET /api/traefik/config-pathPOST /api/traefik/config-path
GET /api/config/settingsPUT /api/config/settingsGET /api/config/files/:container/:fileType
GET /api/notifications/discordPOST /api/notifications/discordGET /api/notifications/discord/previewGET /api/notifications/discord/detectPOST /api/notifications/discord/configPOST /api/notifications/discord/apply
POST /api/cron/setupGET /api/cron/listDELETE /api/cron/:id
GET /api/profilesPOST /api/profiles
GET /api/hosts/list
GET /api/terminal/:container
GET /api/config/validation/validateGET /api/config/validation/snapshotsPOST /api/config/validation/snapshotPOST /api/config/validation/restore/:typePOST /api/config/validation/accept/:typeDELETE /api/config/validation/snapshot/:type
GET /api/hub/listPOST /api/hub/upgradeGET /api/hub/categoriesGET /api/hub/:category/itemsPOST /api/hub/:category/installPOST /api/hub/:category/removePOST /api/hub/:category/manual-applyGET /api/hub/preferencesGET /api/hub/preferences/:categoryPUT /api/hub/preferences/:categoryGET /api/hub/historyGET /api/hub/history/:id
GET /api/simulation/statusPOST /api/simulation/toggle
GET /api/events/wsGET /api/events/sse
For installation details, feature guides, and API reference, use the docs in docs.
This project is licensed under the MIT License - see the LICENSE file for details.
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Original bash script by hhf-technology
- CrowdSec for the security engine
- Traefik for reverse proxy
- Shadcn/ui for UI components
Built with ❤️ for the CrowdSec/Pangolin community