diff --git a/README.md b/README.md
index d65ee2c..b24e5bc 100644
--- a/README.md
+++ b/README.md
@@ -286,6 +286,7 @@ The aims is to provide a ready-to-run recipes that you can just copy, paste and
 - [change-detection](apps/other/change-detection.md)
 - [Cockpit](apps/other/cockpit.md)
 - [Code server](apps/other/code.md)
+- [Crowdsec](apps/other/crowdsec.md)
 - [Firefox](apps/other/firefox.md)
 - [Firefox sync server](apps/other/firefox-sync.md)
 - [LanguageTool server](apps/other/language-tool.md)
diff --git a/apps/other/crowdsec.md b/apps/other/crowdsec.md
new file mode 100644
index 0000000..ea577df
--- /dev/null
+++ b/apps/other/crowdsec.md
@@ -0,0 +1,150 @@
+# Crowdsec
+
+It's basically a self-hosted crowd-based firewall.
+Setup is a bit cumbersome but (probably) well worth it :-)
+
+<br>
+
+- [Homepage](https://www.crowdsec.net)
+- [Github repo](https://github.com/crowdsecurity/crowdsec)
+- [Docker Hub](https://hub.docker.com/r/crowdsecurity/crowdsec)
+- [Crowdsec Hub](https://hub.crowdsec.net)
+- [Traefik bouncer](https://github.com/fbonalair/traefik-crowdsec-bouncer)
+- [Collections](https://hub.crowdsec.net/browse/#collections)
+
+
+
+## How does that work
+- There are 2 parts of the solution: analyser & bouncer
+- Crowdsec container (below) just basically analyses your server logs
+- Bouncer container (below) uses the analysis to bounce off the potential attacks
+
+## Local Setup
+This describes how to setup crowdsec with traefik bouncer. There are other bouncers you can use (if you don't use traefik).
+
+1. Create 2 files with the following content (`acquis.yml` and `docker-compose.yml`). Remember to update the paths to your logs in `docker-compose.yml`!
+2. Start the containers (`docker compose up -d`)
+3. Wait a minute or so (until it finishes installing collections), you can follow the logs to see what's going on (`docker compose logs -f`)
+4. Add bouncer to the crowdsec instance:
+    ```sh
+    docker exec crowdsec cscli bouncers add traefik-bouncer
+    ```
+5. Copy the API key printed in the command output and paste it back in the `docker-compose.yml` in the bouncer config (`CROWDSEC_BOUNCER_API_KEY`)
+6. Restart the containers
+7. That's it.
+
+## Online console
+Unless you want to have an online console, than do this as well:
+1. Register at https://app.crowdsec.net/
+2. Enroll your instance, with the API key from there, e.g.:
+    ```sh
+    docker exec crowdsec cscli console enroll cl8m56qpu00060vlcwgj898z0
+    ```
+
+## Traefik middleware
+1. Add traefik middleweare in the dynamic config, e.g.
+    ```toml
+    [http.middlewares.crowdsec.forwardauth]
+    address = "http://<server ip>:3300/api/v1/forwardAuth"
+    ```
+2. Use this middleware in your services, e.g.
+    ```toml
+    [http.routers.authelia]
+    rule ="Host(`login.domain.com`)"
+    service = "authelia"
+    tls = { }
+    middlewares = [ "crowdsec" ]
+    ```
+
+
+## acquis.yml
+```yml
+---
+filenames:
+ - /logs/auth.log
+ - /logs/syslog
+ - /logs/kern.log
+labels:
+  type: syslog
+
+---
+filenames:
+  - /logs/apache2/*.log
+  - /logs/*httpd*.log
+  - /logs/httpd/*log
+labels:
+  type: apache2
+
+---
+filenames:
+  - /logs/nginx/*.log
+labels:
+  type: nginx
+
+---
+filenames:
+ - /logs/authelia.log
+labels:
+  type: authelia
+
+---
+filenames:
+  - /logs/traefik/*.log
+labels:
+  type: traefik
+```
+
+## docker-compose.yml
+```yml
+---
+services:
+  crowdsec:
+    image: crowdsecurity/crowdsec
+    container_name: crowdsec
+    restart: unless-stopped
+    environment:
+      - GID="${GID-1000}"
+      - COLLECTIONS=crowdsecurity/linux crowdsecurity/iptables crowdsecurity/apache2 crowdsecurity/sshd crowdsecurity/traefik LePresidente/authelia crowdsecurity/nginx crowdsecurity/base-http-scenarios
+    volumes:
+      - /var/log/auth.log:/logs/auth.log:ro
+      - /var/log/syslog.log:/logs/syslog.log:ro
+      - /var/log/kern.log:/logs/kern.log:ro
+      - /var/log/apache:/logs/apache:ro
+      - /var/log/httpd:/logs/httpd:ro
+      - /var/log/authelia.log:/logs/authelia.log:ro
+      - /var/log/traefik/logs:/logs/traefik:ro
+
+      - ./acquis.yml:/etc/crowdsec/acquis.yaml
+      - ./data:/var/lib/crowdsec/data/
+      - ./config:/etc/crowdsec/
+
+  bouncer:
+    image: fbonalair/traefik-crowdsec-bouncer
+    container_name: crowdsec-bouncer
+    restart: unless-stopped
+    environment:
+      - PORT=8090
+      - CROWDSEC_BOUNCER_API_KEY=changeme
+      - CROWDSEC_AGENT_HOST=crowdsec:8080
+    ports:
+      - 3300:8090
+```
+
+
+## Useful commands
+
+1. List installed items
+```sh
+docker exec crowdsec cscli scenarios list
+docker exec crowdsec cscli collections list
+docker exec crowdsec cscli parsers list
+```
+
+2. Block/unblock an ip
+```sh
+docker exec crowdsec cscli decisions add --ip 192.168.1.1
+docker exec crowdsec cscli decisions remove --ip 192.168.1.1
+docker exec crowdsec cscli decisions list
+docker exec crowdsec cscli decisions help			# display help on decisions command
+docker exec crowdsec cscli decisions add --help		# display help on add command
+```