Support for custom response bodies / labels

[msoszka]

During creating ruleset / rules there is currently no option to specify Custom response body per Rulegroup or per rule. Also there is no option to specify labels for rules, so there is no easy way to reference to labels from another rules.
Would it be possible to implement managing that by i.e options in config:

waf_config:

• web_acl_name: mywebacl
  fallback_action: ban
  rule_group_name: crowdsec-rule-group-XXX
  scope: REGIONAL
  region: eu-west-1
  ipset_prefix: crowdsec-ipset-
  rule_labels: mylabel
  ruleset_labels: otherlabel
  custom_body_json_file: /etc/crowdsec/custom.json

Where custom.json have proper structure for AWS WAF i.e:

{
  "AccessDeniedHtml": {
    "ContentType": "TEXT_HTML",
    "Content": <div>You are blocked, contact us at aaa@example.com </div>
  }
}

[blotus]

Hello,

For the custom response body, that's definitely something we can look into implementing.

For the labels, what use-case do you have in mind ? The rules themselves should be considered temporary (we create and delete them dynamically: for example, if you have no captcha decision, we will not create the captcha rule).
Same goes for the rule group: it is created on startup and deleted on shutdown: if you have a reference to it somewhere else, I think AWS would prevent its deletion, which in turn would most likely lead to issues with the bouncer.

[msoszka]

Hello,

with labels - we can setup custom labels on i.e rule created by crowdsec in count mode, then we can create another rule with i.e AND statement that will check label + some header. If both matches then we can perform block - think it can be helpful in testing rules with some portions of real traffic.
Anyway see custom response body as more handy feature for sure.