From 67ee78bb8e57b1408a09bd934e6163c7fdd19722 Mon Sep 17 00:00:00 2001 From: Thibault Koechlin Date: Wed, 6 Nov 2024 17:04:02 +0100 Subject: [PATCH] up --- crowdsec-docs/docs/central_api/blocklist.md | 32 ++++++++++----------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/crowdsec-docs/docs/central_api/blocklist.md b/crowdsec-docs/docs/central_api/blocklist.md index 5978785f..fee1c824 100644 --- a/crowdsec-docs/docs/central_api/blocklist.md +++ b/crowdsec-docs/docs/central_api/blocklist.md @@ -6,37 +6,35 @@ sidebar_position: 3 # Introduction -The "Community Blocklist" is a curated list of IP addresses identified as malicious by CrowdSec. CrowdSec proactively block the IP addresses of this blocklist, preventing malevolent IPs from reaching their systems. +The "Community Blocklist" is a curated list of IP addresses identified as malicious by CrowdSec. CrowdSec proactively block the IP addresses of this blocklist, preventing malevolent IPs from reaching your systems. # Community Blocklist Variation and Eligibility The rules are different for free and paying users: - - Free users that **do** contribute get access to the `free blocklist` - - Paying users get access to the `pro blocklist`, even if they don't contribute - - Free users that **do not** contribute get the `degraded blocklist` + - Free users that **do not** contribute get the `Community Blocklist (Lite)` + - Free users that **do** contribute get access to the `Community Blocklist` + - Paying users get access to the `Community Blocklist (Premium)`, even if they don't contribute -Regardless of the "tier" of blocklist you have access to (`degraded`, `free`, `pro`), each Security Engine gets a tailored blocklist based on the kind of signal they share with the network. +Regardless of the blocklist "tier" you have access to (`Lite`, `Community`, `Premium`), each Security Engine gets a tailored blocklist based on the kind of behavior you're trying to detect. -# Free Blocklist +# Community Blocklist -Free users that are actively contributing to the network (sending signal on a regular basis) have their Security Engines automatically subscribed to the "free blocklist". +Free users that are actively contributing to the network (sending signal on a regular basis) have their Security Engines automatically subscribed to the *Community Blocklist*. The content of the blocklist is unique to each Security Engine, as it mirrors the behaviours they report. For example, suppose you're running the Security Engine on a web server with WordPress. In that case, you will receive IPs performing generic attacks against web servers *and* IPs engaging in wordpress-specific attacks. -The `free` blocklist content is capped at 15 thousand IPs at once. +The *Community Blocklist* content is capped at 15 thousand IPs at once. -# Pro Blocklist - -Paying users' blocklist contains IPs that mirror their installed scenarios, regardless of whether they report attacks for those. - -The `pro` blocklist content has no size limit, unlike free users. - -# Degraded Blocklist - -Free users that are not actively contributing to the network or that have been flagged as cheating/abusing the system will receive a `degraded blocklist`. This Blocklist is capped at 3 thousand IPs. +# Community Blocklist (Premium) +Paying users' Security Engine are automatically subscribed to the *Community Blocklist (Premium)*, which contains IPs that mirror their installed scenarios. +Paying users' do not need to contribute to the network to be eligible to the blocklist. +The *Community Blocklist (Premium)* blocklist content has no size limit, unlike free users. +# Community Blocklist (Lite) +Free users that are not actively contributing to the network or that have been flagged as cheating/abusing the system will receive the *Community Blocklist (Lite)*. +This Blocklist is capped at 3 thousand IPs.