Adding a whitelist to crowdsec
I have started using a WireGuard VPN to connect to my home server. As I don’t have a static IP address from my ISP, I set up a VPS at a local data centre to act as the entry point. This was all working very nicely. Then I suddenly could not connect.
I could not even ssh into the VPS.
I have been running crowdsec on the VPS and it had decided to block me:
time="2025-03-15T11:02:56+09:00" level=info msg="Ip 139.x.x.x performed 'crowdsecurity/http-probing' (11 events over 6.952362595s) at 2025-03-15 02:02:56.604989399 +0000 UTC"
time="2025-03-15T11:02:56+09:00" level=info msg="(60da0d91ab3c400b8343bc364646fa6fmBxAbYRNgeUDCDtr/crowdsec) crowdsecurity/http-probing by ip 139.x.x.x (JP/18081) : 4h ban on Ip 139.x.x.x"
My guess is that it is because I am running homepage, which checks if the services are up or not, and that could have triggered the http-probing scenario.
Fortunately, there is a web console to access the VPS directly so I could log on, find the problem and temporarily disable crowdsec. As I still want to run crowdsec I need to whitelist my own IP address.
Creating a whitelist just required adding a new file, mywhitelists.yaml, in /etc/crowdsec/parsers/s02-enrich, which lists my IP address:
name: my/whitelist
description: "Whitelist events from my ip addresses"
whitelist:
  reason: "my ip ranges"
  ip:
    - "139.x.x.x"
Then restart crowdsec. Now everything is working again.
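To see which bans in the crowdsec log hit addresses the whitelist is meant to cover, the following added example (not part of the original post) parses ban lines in the format shown above and checks each banned IP against the whitelist entries. The sample log lines, the addresses (documentation ranges), the function names, and the use of a `cidr:` list alongside `ip:` are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample lines in the format of the crowdsec log entries above.
# Addresses and ids are made up (documentation ranges), not from the post.
SAMPLE_LOG = '''\
time="2025-03-15T11:02:56+09:00" level=info msg="Ip 203.0.113.7 performed 'crowdsecurity/http-probing' (11 events over 6.952362595s) at 2025-03-15 02:02:56.604989399 +0000 UTC"
time="2025-03-15T11:02:56+09:00" level=info msg="(exampleid/crowdsec) crowdsecurity/http-probing by ip 203.0.113.7 (JP/18081) : 4h ban on Ip 203.0.113.7"
time="2025-03-15T11:40:12+09:00" level=info msg="(exampleid/crowdsec) crowdsecurity/ssh-bf by ip 198.51.100.23 (US/64500) : 4h ban on Ip 198.51.100.23"
'''

# Decision line: "<scenario> by ip <ip> (<country>/<asn>) : <duration> ban on Ip <ip>"
BAN_RE = re.compile(
    r'time="(?P<time>[^"]+)".*?\)\s(?P<scenario>\S+) by ip (?P<ip>\S+) '
    r'\([^)]*\) : (?P<duration>\S+) ban on Ip'
)


def load_networks(ips, cidrs):
    """Turn the whitelist's ip: and cidr: entries into network objects."""
    return [ipaddress.ip_network(e, strict=False) for e in list(ips) + list(cidrs)]


def audit_bans(log_text, networks):
    """Return each ban decision with a flag: is the banned IP whitelisted?"""
    results = []
    for line in log_text.splitlines():
        m = BAN_RE.search(line)
        if not m:
            continue  # "performed" lines and other messages are not decisions
        try:
            addr = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # masked or malformed address such as 139.x.x.x
        covered = any(addr.version == n.version and addr in n for n in networks)
        results.append({**m.groupdict(), "whitelisted": covered})
    return results


if __name__ == "__main__":
    # Hypothetical whitelist contents: one address and one range.
    nets = load_networks(ips=["203.0.113.7"], cidrs=["192.0.2.0/24"])
    for ban in audit_bans(SAMPLE_LOG, nets):
        state = "covered by whitelist" if ban["whitelisted"] else "not whitelisted"
        print(f'{ban["time"]} {ban["ip"]} {ban["scenario"]} {ban["duration"]}: {state}')
```

A parser whitelist only stops new events from that address reaching the scenarios; a ban that is already active stays in place until it expires or is removed with `cscli decisions delete --ip`.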