Cheers, I’ve since discovered that’s is “bouncers” that I want on the endpoints I.e on my Nginx Proxy Manager. I’ll just use the LAPI on the Opnsense box for now I think.

I thought crowdsec does everything fail2ban does in addition to global block lists?

Where did you have it setup? Is your proxy configured to forward the real IP?

Nah, that one conflicts with my IPoAC networks unfortunately :(

Awesome that makes a lot of sense, cheers. So I’ll install the Crowdsec agent on the Nginx Proxy Manager, and potentially also on the servers.

Thanks those links were helpful to get me on the right path. I like that there is a plugin for Opnsense directly and has that central LAPI, because I’d need something similar if I was to use f2b.

I have some alerts like that using Pushover. You can set it to treat high priority alerts like an alarm which bypasses things like do not disturb and silence etc