allow_url_fopen required

  • Resolved Chris

    (@mad9scientist)


    2 years, 11 months ago

    Hello,

    I was reviewing the log file the CrowdSec plugin created and found several entries all following this pattern:

    2022-01-02T13:06:02.594325+00:00|300|{"type":"UNKNOWN_EXCEPTION_WHILE_BOUNCING","ip":"XX.XXX.XXX.XX","message":"file_get_contents(): https:// wrapper is disabled in the server configuration by allow_url_fopen=0","code":2,"file":"/home/XXX/wp-content/plugins/crowdsec/vendor/crowdsec/bouncer/src/RestClient.php","line":105}

    After I changed the PHP setting to allow this function, I now get log entries like this:

    2022-01-02T13:39:12.183038+00:00|200|{"type":"CLEAN_IP","ip":"13.239.163.169","cache":"miss"}

    Which I assume this is more correct.

    I have the function allow_url_fopen disabled for security reasons, and wanted to know if this plugin can only operate with this function enabled. Even though everyone says having this enabled is a giant security risk.

    Would there be anyway to use this plugin without using this function, i.e. unix sockets?

    Also you have an entry here to explain the standalone mode, but there isn’t any information there.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi,

    thanks for your message, and sorry for the delay.

    For now, the CrowdSec plugin requires having allow_url_fopen enabled, as we use some file_get_contents call to retrieve decisions from the CrowdSec LAPI.

    We will certainly work on a way to offer the possibility to use other kind of request handler (e.g. curl).

    Regarding the standalone mode, we have updated the documentation, and you will find information here.

    Thanks

    Hi,

    with the new version 1.8.0 of the plugin, you can choose to use curl instead of file_get_contents. (We added a configuration called Use cURL to call LAPI).

    So now, if you have curl on your system, you should be able to use this plugin with a disabled allow_url_fopen setting.

    Thanks

    Thread Starter Chris

    (@mad9scientist)

    Thank you for this change and the great work your plugin and service does for the community

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘allow_url_fopen required’ is closed to new replies.