first step in protecting against crawlers

roles/fail2ban/files/filter.d/caddy-crawler.conf

@@ -0,0 +1,2 @@
+[Definition]
+failregex = .*"remote_ip":"<HOST>".*

roles/fail2ban/files/jail.d/caddy.conf

@@ -14,3 +14,11 @@ filter = caddy-auth
 maxretry = 40
 findtime = 10m
 bantime = 1h
+
+[caddy-crawler]
+enabled = true
+journalmatch = CONTAINER_NAME=caddy
+filter = caddy-crawler
+maxretry = 200
+findtime = 1m
+bantime = 6h