CrowdSec is a securcrowds that helps protect servers from brute-force attacks and other forms of malicious activity. In this article, we will explain how to install CrowdSec on Debian 11.

Before we begin, it’s important to note that this tutorial assumes that you already have a Debian 11 system up and running, and that you are logged in as a user with sudo privileges.

Install the git and make utilities

To install CrowdSec on Debian 11, you will need to clone the CrowdSec repository from GitHub and build the CrowdSec binary. To do this, you will need the git and make utilities, which are not installed by default on Debian 11. To install these utilities, run the following command:

sudo apt-get install git make

Clone the CrowdSec repository

Once the required utilities are installed, you can clone the CrowdSec repository by running the following command:

git clone <https://github.com/crowdsecurity/crowdsec.git>

This will clone the CrowdSec repository to a directory called crowdsec in your current working directory.

Build the CrowdSec binary

To build the CrowdSec binary, navigate to the crowdsec directory and run the make command:

cd crowdsec
make

This will build the CrowdSec binary and place it in the bin directory inside the crowdsec directory.

Install the CrowdSec binary

Once the CrowdSec binary has been built, you can install it by running the following command:

sudo make install

This will install the CrowdSec binary to the /usr/local/bin directory, and will also install the CrowdSec systemd service file to the /etc/systemd/system directory.

Start the CrowdSec service

Now that the CrowdSec binary has been installed, you can start the CrowdSec service by running the following command:

sudo systemctl start crowdsec

This will start the CrowdSec service and enable it to start automatically whenever the system is restarted.

Configure CrowdSec

To configure CrowdSec, you need to edit the /etc/crowdsec/crowdsec.yaml configuration file. Open the configuration file in a text editor:

sudo nano /etc/crowdsec/crowdsec.yaml

And make any desired changes to the configuration. For example, you can specify which services to protect (such as SSH, FTP, or HTTP), and you can customize the response to detected threats (such as blocking the source IP address).

Once you have made the desired changes to the configuration, save the file and close the text editor.

Restart the CrowdSec service

After modifying the configuration file, you need to restart the CrowdSec service for the changes to take effect. To do this, run the following command:

sudo systemctl restart crowdsec

This will restart the CrowdSec service and apply the new configuration.

In conclusion, installing CrowdSec on Debian 11 is a simple process that involves cloning the CrowdSec repository from GitHub, building the CrowdSec binary, and configuring the CrowdSec service. By following the steps outlined in this article, you can easily set up CrowdSec on your Debian 11 system and start protecting your server from malicious activity.