ENABLED=true

API_URL=${CROWDSEC_LAPI_URL}

# Authentication options, either using an API key or TLS client certificate.

API_KEY=${API_KEY}

USE_TLS_AUTH=false

TLS_CLIENT_CERT=/path/to/client.crt

TLS_CLIENT_KEY=/path/to/client.key

CACHE_EXPIRATION=1

# bounce for all type of remediation that the bouncer can receive from the local API

BOUNCING_ON_TYPE=all

FALLBACK_REMEDIATION=ban

REQUEST_TIMEOUT=3000

UPDATE_FREQUENCY=10

# By default internal requests are ignored, such as any path affected by rewrite rule.

# set ENABLE_INTERNAL=true to allow checking on these internal requests.

ENABLE_INTERNAL=false

# live or stream

MODE=live

# exclude the bouncing on those location

EXCLUDE_LOCATION=

#those apply for "ban" action

# /!\ REDIRECT_LOCATION and RET_CODE can't be used together. REDIRECT_LOCATION take priority over RET_CODE

BAN_TEMPLATE_PATH=/var/lib/crowdsec/lua/templates/ban.html

REDIRECT_LOCATION=

RET_CODE=

#those apply for "captcha" action

#valid providers are recaptcha, hcaptcha, turnstile

CAPTCHA_PROVIDER=

# Captcha Secret Key

SECRET_KEY=

# Captcha Site key

SITE_KEY=

CAPTCHA_TEMPLATE_PATH=/var/lib/crowdsec/lua/templates/captcha.html

CAPTCHA_EXPIRATION=3600

APPSEC_URL=

APPSEC_FAILURE_ACTION=passthrough

APPSEC_CONNECT_TIMEOUT=

APPSEC_SEND_TIMEOUT=

APPSEC_PROCESS_TIMEOUT=

ALWAYS_SEND_TO_APPSEC=false

SSL_VERIFY=true