Are you using Upsun (formerly Platform.sh) to build and run applications? If so, you can now protect your projects with CrowdSec, using a simple path we created just for you: a drop-in CrowdSec project for Upsun.
In short, you deploy a small CrowdSec project, point your project’s HTTP logs to it thanks to Upsun’s HTTP log integration, and (optionally) turn on edge remediation at the Cloudflare or Fastly level.
Our goal with this project is to help you detect attacks such as bots quickly with minimal setup and remediate at the edge (Cloudflare, Fastly) using an off-the-shelf CrowdSec project.
What is Upsun?
If you are not using Upsun but are intrigued by what it offers, let’s take a closer look at this self-service cloud application platform:
Upsun is a multi-cloud application platform that removes infrastructure busywork so you can ship features sooner. Point it at your repo and define services, routes, and policies in one YAML file. Every Git branch gets a production-grade preview with cloned data, so you can validate changes against realistic environments without risking production. Built-in security, uptime, monitoring, and profiling keep issues visible and fixable early instead of during incidents.
Workflows stay familiar and automatable. Config lives in Git, standards are codified once, and teams reuse them across apps. Observability and compliance guardrails come out of the box, which helps developers focus on application logic rather than tickets and tooling hunts.
AI support is first-class. Upsun can generate initial infrastructure config, expose structured context to coding assistants through MCP, and give agents safe, ephemeral environments to test end-to-end. The result is faster delivery with less risk, plus portability across clouds when requirements change.
Why is CrowdSec best for protecting self-service PaaS like Upsun?
With Upsun, you can fork complete production stacks, with terabyte databases, near-instantly, scale services independently, and ship changes quickly. That speed and flexibility are awesome for developers, and you ideally want to actively detect and prevent malicious traffic on those web apps.
That’s where CrowdSec comes in. It’s lightweight, scales right alongside your workloads, and protects your apps from the moment of creation to when they go live. Plus, because it’s community-powered, you benefit from a large network of global users sharing attack signals. This means, when one or several users are attacked, the IP behind the attack is flagged, put through a rigorous consensus system, and then blocked for them, the CrowdSec community as a whole, and you.
How CrowdSec and Upsun work together
Here is a summary of the actions to take, showing how straightforward it is. For the detailed instructions, you can consult the README.md file.
- First, you deploy a standalone CrowdSec app in a separate Upsun project. (cf github repository)
- Next, activate HTTP logs integrations targeting the CrowdSec app’s route.
- Finally, select where the remediation happens by activating the configuration for your CDN, firewall, or Cloud firewall of choice. (Cloudflare, Fastly remediation components integrated in the project)
- Optionally: Enroll your CrowdSec instance in the CrowdSec Console to benefit from dashboards and additional blocklists
This setup is non-intrusive as it requires zero changes in your other projects’ configuration. Logs stay on your Upsun infrastructure exclusively, and the CrowdSec app runs in its own small project. The typical footprint is 0.1–0.3 CPU and ~100–500 MB RAM.
Go further: proactive threat blocking
By plugging additional remediation components directly into your AWS WAF or edge devices, you can seamlessly integrate powerful blocking capabilities. You can also take advantage of the vast CrowdSec Blocklist catalogue to proactively block IPs with bad reputations. Finally, for ultimate control, you can also create and enforce your own custom blocklists tailored to your unique threat landscape, ensuring a multi-layered and adaptive security posture.
What’s Next for CrowdSec Upsun integration?
In the short term, we’re working with Upsun to have an integration communicating from container to container, avoiding possible rate limiting and delays in alert for a project with a high number of log lines.
With your feedback and collaboration alongside Upsun, we have 2 end goals for that integration:
The first goal is to have a dedicated CrowdSec integration and service that offers absolute ease of use directly from the Upsun UI. This will allow you to have more flexible and granular control over your CrowdSec protection and blocklists.
Secondly, we hope to have a CrowdSec WAF integration, which will give you constantly updated virtual patching collections as well as out-of-band tuning support for CRS (Core Rule Set) and other AppSec rules.
Effortless bot protection for Upsun
If your Upsun logs are drowning in bot traffic and you’re tired of your resources draining, CrowdSec is your answer. It’s a simple setup that blocks bad actors at the edge and never gives them a chance to hit your apps. That means less garbage in your logs and less load on your origin.
The best part? You can roll this out in stages. We built it to be completely reversible. And finally, the setup is clean and lives right in your Upsun project. If you’ve wanted to cut the noise without a huge commitment, this is it.
🎯 Book a demo today and be one of the first to try this streamlined security solution!
