Hi, I recently encountered this issue when trying to access the instance (both in the browser and Jerboa) while using a VPN. I don’t know if this is just an issue with the one I’m using (Surfshark) but I didn’t have this issue before.
I imagine this security layer was implemented recently, and that’s why it didn’t happen before.
Is this intended, or is it just the filter wrongly taking the VPNs IP as a malicious one?

  • narc0tic_bird@beehaw.org
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    CrowdSec is likely blocking the IP or IP range of the VPN due to high amounts of traffic or malicious activity (or because it blocks certain VPNs in general, not sure). Try a different Surfshark server/location or a different VPN provider altogether (or you can obviously connect to beehaw.org with your real IP).

    • Torres@beehaw.orgOP
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Yeah it’s what I’ve been doing, but I’ve grown a habit of using the vpn when connected to a public WiFi. That’s why it took me a while to realize that it was happening, I had only opened beehaw at home, where I don’t use any VPN.
      And yep, it works when using other locations.

  • PenguinCoder@beehaw.orgM
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Hey thanks for bringing this to our attention. We’re using CrowdSec as a defense against malicious actors. (Think spammers, password guessing, attempts to access secure configs, software exploit attempts, etc). This should not be affecting regular normal users, but I can see how this would block VPN ips. Could be another user on the shared IP was recently seen trying to run exploits somewhere else, and this their IP was put on the ban list. This then shows up on our ban list. That’s the ‘crowd’ part of CrowdSec.

    Our ban duration is pretty low for an IP, so within an hour our two it should be able to access Beehaw again without issues. Until that IP is detected doing ‘something’ bad again. That is, Crowdsec doesn’t just block a range of IPs. It blocks IPs based on activity of that IP.

    I will need to look into ways to mitigate the affects it’s having on your normal usage. It would help to have the source IPs you’re coming from and I can check the CrowdSec logs to find out specifically why. To anyone else having this issue here, if you feel comfortable doing so, please send me a DM with when you saw this message and from which VPN IP, and I will get you unblocked.

    • Torres@beehaw.orgOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Ahh okay, it’s good to know how it works. Now I can connect without problem to beehaw.org when using the same vpn location as before, so it’s probably not blocked anymore.
      I don’t know how many IPs does Surfshark have for any given location, and if this was the IP that I was using before, but right now the same location gives me the IP address: 146.70.160.246

        • Torres@beehaw.orgOP
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Probably why it’s working now. Thanks for the explanation! Now I know why it’s happening if it ever happens again

  • mirage@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Also experiencing this issue with multiple VPN providers. Have to keep trying different servers/locations to get past it. Would really appreciate if this solution was improved or replaced.