Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False positive http-crawl-non_statics Jellyseerr #1123

Open
jalapeno1083 opened this issue Sep 29, 2024 · 0 comments
Open

False positive http-crawl-non_statics Jellyseerr #1123

jalapeno1083 opened this issue Sep 29, 2024 · 0 comments

Comments

@jalapeno1083
Copy link

jalapeno1083 commented Sep 29, 2024
edited
Loading

Describe the bug
False positive when scrolling through Jellyseerr and loading a few different pages and scrolling down. This makes the client load many thumbnails.

edit: I just double checked. It only happens when I scroll down my request list domain.com/requests

To Reproduce
Install Jellyseerr and start browsing and scrolling

edit: and fill your requests list and then scroll down the requests page domain.com/requests

Expected behavior

Using Jellyseerr normally like browsing, scrolling and loading thumbnails.

edit: Scrolling down the requests lists on Jellyseerr without getting banned.

Info about alert

cscli alerts inspect ################################################################################################

  • ID : 154

  • Date : 2024-09-29T14:30:09Z

  • Machine : localhost

  • Simulation : false

  • Remediation : true

  • Reason : crowdsecurity/http-crawl-non_statics

  • Events Count : 74

  • Scope:Value : Ip:XXXXX

  • Country : XXXXX

  • AS : XXXXX

  • Begin : 2024-09-29 14:29:50.845089625 +0000 UTC

  • End : 2024-09-29 14:30:08.794147427 +0000 UTC

  • UUID : 76bc859b-7c5d-4eb7-b829-c1eb5a1c6594

  • Context :
    +------------+---------------------+
    | Key | Value |
    +------------+---------------------+
    | method | GET |
    | status | 304 |
    | target_uri | /api/v1/request/585 |
    | target_uri | /api/v1/request/621 |
    | target_uri | /api/v1/request/642 |
    | target_uri | /api/v1/request/630 |
    | target_uri | /api/v1/request/633 |
    | target_uri | /api/v1/request/599 |
    | user_agent | - |
    +------------+---------------------+

  • Events :

  • Date: 2024-09-29 14:30:07 +0000 UTC
    +---------------------+-----------------------------+
    | Key | Value |
    +---------------------+-----------------------------+
    | ASNNumber | XXXXX |
    | ASNOrg | XXXXX |
    | IsInEU | false |
    | IsoCode | XXXXX |
    | SourceRange | XXXXX |
    | datasource_path | /var/log/traefik/access.log |
    | datasource_type | file |
    | http_args_len | 0 |
    | http_path | /api/v1/request/585 |
    | http_status | 304 |
    | http_user_agent | - |
    | http_verb | GET |
    | log_type | http_access-log |
    | service | http |
    | source_ip | XXXXX |
    | timestamp | 2024-09-29T14:30:07Z |
    | traefik_router_name | jellyseerr@file |
    | user | - |
    +---------------------+-----------------------------+

  • Date: 2024-09-29 14:30:07 +0000 UTC
    +---------------------+-----------------------------+
    | Key | Value |
    +---------------------+-----------------------------+
    | ASNNumber | XXXXX |
    | ASNOrg | XXXXX |
    | IsInEU | false |
    | IsoCode | XXXXX |
    | SourceRange | XXXXX |
    | datasource_path | /var/log/traefik/access.log |
    | datasource_type | file |
    | http_args_len | 0 |
    | http_path | /api/v1/request/621 |
    | http_status | 304 |
    | http_user_agent | - |
    | http_verb | GET |
    | log_type | http_access-log |
    | service | http |
    | source_ip | XXXXX |
    | timestamp | 2024-09-29T14:30:07Z |
    | traefik_router_name | jellyseerr@file |
    | user | - |
    +---------------------+-----------------------------+

  • Date: 2024-09-29 14:30:07 +0000 UTC
    +---------------------+-----------------------------+
    | Key | Value |
    +---------------------+-----------------------------+
    | ASNNumber | XXXXX |
    | ASNOrg | XXXXX |
    | IsInEU | false |
    | IsoCode | XXXXX |
    | SourceRange | XXXXX |
    | datasource_path | /var/log/traefik/access.log |
    | datasource_type | file |
    | http_args_len | 0 |
    | http_path | /api/v1/request/642 |
    | http_status | 304 |
    | http_user_agent | - |
    | http_verb | GET |
    | log_type | http_access-log |
    | service | http |
    | source_ip | XXXXX |
    | timestamp | 2024-09-29T14:30:07Z |
    | traefik_router_name | jellyseerr@file |
    | user | - |
    +---------------------+-----------------------------+

  • Date: 2024-09-29 14:30:07 +0000 UTC
    +---------------------+-----------------------------+
    | Key | Value |
    +---------------------+-----------------------------+
    | ASNNumber | XXXXX |
    | ASNOrg | XXXXX |
    | IsInEU | false |
    | IsoCode | XXXXX |
    | SourceRange | XXXXX |
    | datasource_path | /var/log/traefik/access.log |
    | datasource_type | file |
    | http_args_len | 0 |
    | http_path | /api/v1/request/630 |
    | http_status | 304 |
    | http_user_agent | - |
    | http_verb | GET |
    | log_type | http_access-log |
    | service | http |
    | source_ip | XXXXX |
    | timestamp | 2024-09-29T14:30:07Z |
    | traefik_router_name | jellyseerr@file |
    | user | - |
    +---------------------+-----------------------------+

  • Date: 2024-09-29 14:30:07 +0000 UTC
    +---------------------+-----------------------------+
    | Key | Value |
    +---------------------+-----------------------------+
    | ASNNumber | XXXXX |
    | ASNOrg | XXXXX |
    | IsInEU | false |
    | IsoCode | XXXXX |
    | SourceRange | XXXXX |
    | datasource_path | /var/log/traefik/access.log |
    | datasource_type | file |
    | http_args_len | 0 |
    | http_path | /api/v1/request/633 |
    | http_status | 304 |
    | http_user_agent | - |
    | http_verb | GET |
    | log_type | http_access-log |
    | service | http |
    | source_ip | XXXXX |
    | timestamp | 2024-09-29T14:30:07Z |
    | traefik_router_name | jellyseerr@file |
    | user | - |
    +---------------------+-----------------------------+

  • Date: 2024-09-29 14:30:07 +0000 UTC
    +---------------------+-----------------------------+
    | Key | Value |
    +---------------------+-----------------------------+
    | ASNNumber | XXXXX |
    | ASNOrg | XXXXX |
    | IsInEU | false |
    | IsoCode | XXXXX |
    | SourceRange | XXXXX |
    | datasource_path | /var/log/traefik/access.log |
    | datasource_type | file |
    | http_args_len | 0 |
    | http_path | /api/v1/request/599 |
    | http_status | 304 |
    | http_user_agent | - |
    | http_verb | GET |
    | log_type | http_access-log |
    | service | http |
    | source_ip | XXXXX |
    | timestamp | 2024-09-29T14:30:07Z |
    | traefik_router_name | jellyseerr@file |
    | user | - |
    +---------------------+-----------------------------+

Additional context

Collections in use

COLLECTIONS

Name 📦 Status Version Local Path

crowdsecurity/base-http-scenarios ✔️ enabled 1.0 /etc/crowdsec/collections/base-http-scenarios.yaml
crowdsecurity/http-cve ✔️ enabled 2.7 /etc/crowdsec/collections/http-cve.yaml
crowdsecurity/iptables ✔️ enabled 0.2 /etc/crowdsec/collections/iptables.yaml
crowdsecurity/linux ✔️ enabled 0.2 /etc/crowdsec/collections/linux.yaml
crowdsecurity/nginx ✔️ enabled 0.2 /etc/crowdsec/collections/nginx.yaml
crowdsecurity/sshd ✔️ enabled 0.5 /etc/crowdsec/collections/sshd.yaml
crowdsecurity/traefik ✔️ enabled 0.1 /etc/crowdsec/collections/traefik.yaml
crowdsecurity/whitelist-good-actors ✔️ enabled 0.1 /etc/crowdsec/collections/whitelist-good-actors.yaml
LePresidente/jellyfin ✔️ enabled 0.2 /etc/crowdsec/collections/jellyfin.yml
LePresidente/jellyseerr ✔️ enabled 0.1 /etc/crowdsec/collections/jellyseerr.yml

Happy to provide any additional logs.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jalapeno1083