• Resolved emachuca

    (@emachuca)


    I have a WP multisite installation using subdomains. I currently only have the main site mysite.com and a subdomain site sub1.mysite.com.

    I installed Crowdsec in my server (Google Cloud, Ubuntu 22.02, NGiNX, PHP 8.1) and have the iptables-firewall-bouncer.

    I then installed the Crowdsec WP plugin, network activated, and on the main site I used the API key generated with the cscli command in the server. On the main site it passes the Bouncer test and the Geolocation test.

    However, if I try to use the same key on the subdomain site, after clicking the Save button, it breaks. Path: sub1.mysite.com/wp-admin/options.php There’s been a critical error on this website.

    And, if I try to generate a new API key on the server to be used with the subdomain, I get: FATA[timestamp] unable to create bouncer: bouncer wordpress-bouncer already exists.

    I was thinking about installing individual sites on the NGiNX server but, I think I’ll fall into the same restriction as it seems the WP Bouncer key is generated per server, not per website, right?

    Or is there any way to make it work with multiple sites on the same server? Either multisite/subdomain or 2-3 single sites.

    Gracias,

    Eduardo

Viewing 8 replies - 1 through 8 (of 8 total)
  • Hi,
    Thanks for your message.

    As far as I understand, it should work with the same key for all your WordPress sites. (We already have some users using the same key for multiple WordPress sites.)

    Do you have more details on the error “There’s been a critical error on this website.”? Maybe there is some useful log somewhere that will tell us what is wrong on the subdomain site.

    You can also try to generate a key with another bouncer name (the bouncer name is not important for the plugin):
    cscli bouncers add wordpress-bouncer-2 or cscli bouncers add the-name-you-want

    Thanks

    Thread Starter emachuca

    (@emachuca)

    Thanks for answering. I tested network disabling all plugins, except for Crowdsec but the problem persists: in the main site it all works fine, but in the subdomain site:

    • Crowdsec tab: I can enter the configuration (same API Key and all the rest) and click Save and it seems to work, but if I try to “Test Bouncing” I get redirected to https://sub1.mysite.com/wp-admin/admin-post.php with error “There’s been a critical error on this web”.
    • Advanced tab: I can enter the configuration but when I click the Save button, I get redirected to https://sub1.mysite.com/wp-admin/options.php with error “There’s been a critical error on this web”.
    • Note that I get redirected to different pages but the error message is the same.
    • I can hit the Back button in the browser and still have access to my site.
    • I enabled Debug Mode in the main site (I can’t in the subdomain because when hitting the Save button I get the error).
    • You can see the debug log text file here https://docs.google.com/document/d/1g6PUGv3UYkZcWNSW9G79XiIF3cbOkbkinbwWDys56Eg/edit?usp=sharing
    • Note: haven’t yet tried assigning a different name to the WP bouncer, as you mentioned it should work fine with the same API, and would like to have it work that way.
    • Also, I rebooted the server in case it would help, but no.

    Added:

    Gracias,

    • This reply was modified 1 year, 9 months ago by emachuca.

    Hi,
    Looking at your PHP errors, I understood what could possibly happen.

    I released a new 2.0.2 version of the plugin with a fix for your issue.

    Please let me know if it is ok with this new release.

    Thanks


    Hi,

    I just realized that I did not understand your initial message correctly.

    I was not aware of this Multisite feature you are talking about.

    And since a feature request about this has just come in: https://github.com/crowdsecurity/cs-wordpress-bouncer/issues/128
    I just realized my mistake. Sorry about that.

    Well, I guess that this plugin does not support this Multisite feature for now.

    If you make new tests with the new version of the plugin, do not hesitate to tell me what you notice.

    I think that the compatibility with MultiSite will require a lot of work, but it is something that should be possible one day.

    We’ll take a closer look, and I’ll get back to you if there’s any news.

    Thanks again.


    Thread Starter emachuca

    (@emachuca)

    Hola,

    I think you should revert back to the old version of the WordPress plugin because I tried signing in to my site admin and the WP Bouncer immediately banned my IP!

    Tried a different IP and again, first try to access, then banned immediately. I can access the public site, though.

    Funny thing is, in the server cscli alerts list and cscli decisions list show “no active alerts/decisions”. So, I can’t un-ban my IP because it is not banned??

    Moreover, if I go to https://app.crowdsec.net/ there are no alerts and no banned IPs listed.

    Guess it is the Crowdsec plugin banning immediately when trying to access wp-admin or wp-login.

    So, no, it doesn’t work with WP Multisite, as you mentioned.

    Please revert it back to the old version.

    Saludos,

    Thread Starter emachuca

    (@emachuca)

    By the way, you may close this issue. I’m deleting the Multisite and installing individual WordPress sites.

    Gracias,

    Hi,
    Thanks for your reply.

    I will close this issue.

    But, for information: bouncer does not ban any IP. Bouncer just applies decisions.

    cscli decisions list shows only decisions manually added.

    To get all decisions (even those pulled from the community shared data), you could try cscli decisions list --all

    Thanks

    Thinking back to your problem, I think the ban you got even without an active decision came from a previously cached decision.

    But then, only an analysis of your logs and your configuration could have told us.

    I hope it will be better with individual installations.

    Thanks.

  • The topic ‘Does Crowdsec works in WordPress Multiste Subdomains?’ is closed to new replies.