Skip to content

Commit b63e447

Browse files
julienloizeletjulienloizelet
committed
docs(wp-cli): Add WP-CLI doc
1 parent 0edf1dc commit b63e447

File tree

2 files changed

+98
-3
lines changed

2 files changed

+98
-3
lines changed

docs/USER_GUIDE.md

Lines changed: 96 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -266,6 +266,22 @@ we store in cache some values in order to know if he has to resolve or not the c
266266

267267
Minimum 1 second. Default: 86400 seconds.
268268

269+
------
270+
271+
`Caching configuration → Redis DSN (if applicable)`
272+
273+
Fill in this field only if you have chosen the Redis cache.
274+
275+
Example of DSN: redis://localhost:6379.
276+
277+
------
278+
279+
`Caching configuration → Memcached DSN (if applicable)`
280+
281+
Fill in this field only if you have chosen the Memcached cache.
282+
283+
Example of DSN: memcached://localhost:11211.
284+
269285
***
270286

271287
![Remediations](images/screenshots/config-remediations.jpg)
@@ -378,6 +394,86 @@ This Ip will be used instead of the current X-Forwarded-For Ip if any.
378394

379395
**Must be empty in production.**
380396

397+
398+
399+
#### Settings update with WP-CLI tool
400+
401+
Here are some examples of how to set options with the `WP-CLI` tool.
402+
403+
**:warning:** : Some actions are triggered by a manual modification of the settings in the admin interface. Setting flagged with **:warning:** triggers some action. For example, changing the cache system triggers a cache flush of the old cache system. Modifying those values with `WP-CLI` will not trigger these actions.
404+
405+
406+
407+
| Settings | Examples |
408+
| :----------------------------------------------------------- | ------------------------------------------------------------ |
409+
| **General settings***Connection details* | |
410+
| `Local API URL` | `wp option set crowdsec_api_url https://crowdsec:8080` |
411+
| `Authentication type` | - `wp option set crowdsec_auth_type api_key`<br />- `wp option set crowdsec_auth_type tls` |
412+
| `Bouncer API key` | `wp option set crowdsec_api_key ab483bd8fa665d66c494c0c36e2fd7a0` |
413+
| `Path to the bouncer certificate` | `wp option set crowdsec_tls_cert_path bouncer.pem` |
414+
| `Path to the bouncer key` | `wp option set crowdsec_tls_key_path bouncer-key.pem` |
415+
| `Verify peer` | - `wp option set crowdsec_tls_verify_peer on`<br />- <code>echo -n "" \| wp option set crowdsec_tls_verify_peer</code> |
416+
| `Path to the CA certificate used to process peer verification` | `wp option set crowdsec_tls_ca_cert_path ca-chain.pem` |
417+
| `Use cURL to call Local API` | - <code>wp option set crowdsec_use_curl on</code><br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_use_curl</code> |
418+
| `Local API request timeout` | - `wp option set crowdsec_api_timeout 120`<br />- `wp option set crowdsec_api_timeout -1` |
419+
| **General settings***Bouncing* | |
420+
| `Bouncing level` | - `wp option set crowdsec_bouncing_level normal_bouncing`<br />- `wp option set crowdsec_bouncing_level flex_bouncing`<br />- `wp option set crowdsec_bouncing_level bouncing_disabled` |
421+
| `Public website only` | - `wp option set crowdsec_public_website_only on`<br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_public_website_only</code> |
422+
| **Theme customization***Adapt the wording of the Captcha Wall* | |
423+
| `Browser tab text` | `wp option set crowdsec_theme_text_captcha_wall_tab_title "Oops.."` |
424+
| `Title text` | <code>echo -n "Hmm, sorry but..." \| wp option set crowdsec_theme_text_captcha_wall_title</code> |
425+
| `Subtitle text` | <code>echo -n &quot;Please complete the security check.&quot; \| wp option set crowdsec_theme_text_captcha_wall_subtitle</code> |
426+
| `Refresh image text` | <code>echo -n &quot;refresh image&quot; \| wp option set crowdsec_theme_text_captcha_wall_refresh_image_link</code> |
427+
| `Input placeholder` | <code>echo -n &quot;Type here...&quot; \| wp option set crowdsec_theme_text_captcha_wall_captcha_placeholder</code> |
428+
| `Send button text` | `wp option set crowdsec_theme_text_captcha_wall_send_button CONTINUE ` |
429+
| `Error message` | <code>echo -n &quot;Please try again.&quot; \| wp option set crowdsec_theme_text_captcha_wall_error_message</code> |
430+
| `Footer custom message` | <code>echo -n &quot;Thanks&quot; \| wp option set crowdsec_theme_text_captcha_wall_footer</code> |
431+
| **Theme customization***Adapt the wording of the Ban Wall* | |
432+
| `Browser tab text` | ` <code>wp option set crowdsec_theme_text_ban_wall_tab_title &quot;Oops..&quot;</code> |
433+
| `Title text` | <code>echo -n &quot;🤭 Oh!&quot; \| wp option set crowdsec_theme_text_ban_wall_title</code> |
434+
| `Subtitle text` | <code>echo -n &quot;This page is protected against cyber attack.&quot; \| wp option set crowdsec_theme_text_ban_wall_subtitle</code> |
435+
| `Footer custom message` | ` <code>echo -n &quot;Thanks&quot; \| wp option set crowdsec_theme_text_ban_wall_footer</code> |
436+
| **Theme customization***Use your own colors* | |
437+
| `Primary text color` | `wp option set crowdsec_theme_color_text_primary black ` |
438+
| `Secondary text color` | `wp option set crowdsec_theme_color_text_secondary #AAA ` |
439+
| `Button text color` | `wp option set crowdsec_theme_color_text_button white ` |
440+
| `Error message text color` | `wp option set crowdsec_theme_color_text_error_message #b90000 ` |
441+
| `Page background color` | `wp option set crowdsec_theme_color_background_page #eee ` |
442+
| `Container background color` | `wp option set crowdsec_theme_color_background_container white ` |
443+
| `Button background color` | `wp option set crowdsec_theme_color_background_button #626365 ` |
444+
| `Button background color (hover)` | `wp option set crowdsec_theme_color_background_button_hover #333 ` |
445+
| **Theme customization***Use your own css code* | |
446+
| Custom CSS code` | `echo -n "body {background: rgb(2,0,36);}" | wp option set crowdsec_theme_custom_css ` |
447+
| **Advanced settings***Communication mode to the API* | |
448+
| `Enable the "Stream mode"`**:warning:** | - <code>wp option set crowdsec_stream_mode on</code><br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_stream_mode</code> |
449+
| `Resync decisions each (stream mode only)`**:warning:** | `wp option set crowdsec_stream_mode_refresh_frequency 120` |
450+
| **Advanced settings***Cache configuration* | |
451+
| `Technology`:warning: | - <code>wp option set crowdsec_cache_system phpfs</code><br />- <code>wp option set crowdsec_cache_system redis</code><br />- <code>wp option set crowdsec_cache_system memcached</code> |
452+
| `Recheck clean IPs each (live mode only)` | `wp option set crowdsec_clean_ip_cache_duration 3600` |
453+
| `Recheck bad IPs each (live mode only)` | `wp option set crowdsec_bad_ip_cache_duration 3600` |
454+
| `Captcha flow cache lifetime` | `wp option set crowdsec_captcha_cache_duration 86400` |
455+
| `Redis DSN (if applicable)`:warning: | <code>echo -n "redis://localhost:6379" \| wp option set crowdsec_redis_dsn</code> |
456+
| `Memcached DSN (if applicable)`:warning: | <code>echo -n &quot;memcached://localhost:11211&quot; \| wp option set crowdsec_memcached_dsn</code> |
457+
| **Advanced settings***Remediations* | |
458+
| `Fallback to` | - <code>wp option set crowdsec_fallback_remediation ban</code><br />- <code>wp option set crowdsec_fallback_remediation captcha</code><br />- <code>wp option set crowdsec_fallback_remediation bypass</code> |
459+
| `Trust these CDN IPs (or Load Balancer, HTTP Proxy)` | When the `crowdsec_trust_ip_forward` is set, the `crowdsec_trust_ip_forward_array` is populated with a serialized array of comparable IPs.<br />Thus, to maintain consistency between admin display and database data, you should update the 2 options: <br />`wp option set crowdsec_trust_ip_forward 1.2.3.4`<br />`wp option set crowdsec_trust_ip_forward_array --format=json '[["001.002.003.004","001.002.003.004"]]'` |
460+
| `Hide CrowdSec mentions` | - <code>wp option set crowdsec_hide_mentions on</code><br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_hide_mentions</code> |
461+
| **Advanced settings***Geolocation* | |
462+
| `Enable geolocation feature` | - <code>wp option set crowdsec_geolocation_enabled on</code><br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_geolocation_enabled</code> |
463+
| `Geolocation type` | `wp option set crowdsec_geolocation_type maxmind` |
464+
| `MaxMind database type` | - <code>wp option set crowdsec_geolocation_maxmind_database_type country</code><br />- <code>wp option set crowdsec_geolocation_maxmind_database_type city</code> |
465+
| `Path to the MaxMind database` | `wp option set crowdsec_geolocation_maxmind_database_path GeoLite2-City.mmdb` |
466+
| `Geolocation cache lifetime` | - <code>wp option set crowdsec_geolocation_cache_duration 86400</code><br />- <code>wp option set crowdsec_geolocation_cache_duration 0</code> |
467+
| **Advanced settings***Debug mode* | |
468+
| `Enable debug mode` | - <code>wp option set crowdsec_debug_mode on</code><br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_debug_mode</code> |
469+
| `Disable prod log` | - <code>wp option set crowdsec_disable_prod_log on</code><br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_disable_prod_log</code> |
470+
| `Enable errors display` | - <code>wp option set crowdsec_display_errors on</code><br />- <code>echo -n &quot;&quot; \| wp option set crowdsec_display_errors</code> |
471+
| **Advanced settings***Test settings* | |
472+
| `Forced test IP` | `wp option set crowdsec_forced_test_ip 1.2.3.4` |
473+
| `Forced test X-Forwarded-For IP` | <code>wp option set crowdsec_forced_test_forwarded_ip 1.2.3.4</code> |
474+
475+
476+
381477
### Auto Prepend File mode
382478

383479
By default, this extension will bounce every web requests that pass through the classical process of WordPress core loading.

inc/options-config.php

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,8 +24,6 @@ function getCrowdSecOptionsConfig(): array
2424
['name' => 'crowdsec_bad_ip_cache_duration', 'default' => Constants::CACHE_EXPIRATION_FOR_BAD_IP, 'autoInit' => true],
2525
['name' => 'crowdsec_captcha_cache_duration', 'default' => Constants::CACHE_EXPIRATION_FOR_CAPTCHA,
2626
'autoInit' => true],
27-
['name' => 'crowdsec_geolocation_cache_duration', 'default' => Constants::CACHE_EXPIRATION_FOR_GEO,
28-
'autoInit' => true],
2927
['name' => 'crowdsec_fallback_remediation', 'default' => Constants::REMEDIATION_CAPTCHA, 'autoInit' => true],
3028
['name' => 'crowdsec_hide_mentions', 'default' => '', 'autoInit' => true],
3129
['name' => 'crowdsec_trust_ip_forward_array', 'default' => [], 'autoInit' => true],
@@ -56,7 +54,8 @@ function getCrowdSecOptionsConfig(): array
5654
['name' => 'crowdsec_forced_test_ip', 'default' => '', 'autoInit' => true],
5755
['name' => 'crowdsec_forced_test_forwarded_ip', 'default' => '', 'autoInit' => true],
5856
['name' => 'crowdsec_geolocation_enabled', 'default' => '', 'autoInit' => true],
59-
['name' => 'crowdsec_geolocation_save_result', 'default' => '', 'autoInit' => true],
57+
['name' => 'crowdsec_geolocation_cache_duration', 'default' => Constants::CACHE_EXPIRATION_FOR_GEO,
58+
'autoInit' => true],
6059
['name' => 'crowdsec_geolocation_type', 'default' => Constants::GEOLOCATION_TYPE_MAXMIND, 'autoInit' => true],
6160
['name' => 'crowdsec_geolocation_maxmind_database_type', 'default' => Constants::MAXMIND_COUNTRY, 'autoInit' => true],
6261
['name' => 'crowdsec_geolocation_maxmind_database_path', 'default' => '', 'autoInit' => true],

0 commit comments

Comments
 (0)