correct alignment

Using-Security-Tools-with-Paperless-ngx.md

@@ -1,32 +1,34 @@
 [Crowdsec](#crowdsec) | [Fail2ban](#fail2ban)
 
+
 # Crowdsec
 > [Crowdsec](https://www.crowdsec.net/) is a crowdsourced intrusion detection and prevention system (IDS/IPS) that will detect suspicious login activity and ban IP addresses. These bans result from both a) local detection of e.g. brute-force login attempts based on the Paperless-ngx log files and b) the real-time community feed of aggressive IPs (IPs that show malicious activity within the Crowdsec user community, will be added to this list).
 
 1. Install the [Paperless-ngx collection](https://hub.crowdsec.net/author/andreasbrett/collections/paperless-ngx) via Crowdsec's `cscli` tool.
 
-`sudo cscli collections install andreasbrett/paperless-ngx`
+    `sudo cscli collections install andreasbrett/paperless-ngx`
 
 2. Point Crowdsec to your Paperless-ngx logfile
 
-Edit `/etc/crowdsec/acquis.yaml` with your preferred text editor and add a section pointing to the location of your Paperless-ngx log. If you have set up Paperless-ngx as a Docker container the log file will reside within the volume you configured. The absolute path for Docker volumes should be `/var/lib/docker/volumes/...`.
+    Edit `/etc/crowdsec/acquis.yaml` with your preferred text editor and add a section pointing to the location of your Paperless-ngx log. If you have set up Paperless-ngx as a Docker container the log file will reside within the volume you configured. The absolute path for Docker volumes should be `/var/lib/docker/volumes/...`.
 
-```
+    ```
----
+    ---
-filenames:
+    filenames:
         - /var/lib/docker/volumes/paperless_data/_data/log/paperless.log
-labels:
+    labels:
     type: Paperless-ngx
-```
+    ```
 
 3. Reload Crowdsec configuration
 
-`sudo systemctl reload crowdsec`
+    `sudo systemctl reload crowdsec`
+
 
 # Fail2ban
 > [Fail2ban](https://github.com/fail2ban/fail2ban) is a powerful tool for securing your server by monitoring log files for suspicious activity and banning IP addresses that exhibit malicious behavior.
 
- 1. Create the Fail2ban Jail
+1. Create the Fail2ban Jail
 
     The first step is to create a fail2ban jail configuration file for Paperless. Open your preferred text editor and create a new file named `paperless.conf` in the `/etc/fail2ban/jail.d/` directory.
 
@@ -52,7 +54,7 @@ labels:
 
     If you are not using a reverse proxy to access Paperless you can remove the `[paperless_proxy]` section.
 
- 2. Create the Fail2ban Filter File
+2. Create the Fail2ban Filter File
 
     This file will define the pattern that fail2ban will look for in the Paperless log file to identify malicious activity.
 
@@ -74,7 +76,7 @@ labels:
     ignoreregex =
     ```
 
- 3. Restart fail2ban
+3. Restart fail2ban
 
     Now that the jail and filter files have been created, you need to restart fail2ban for the changes to take effect.
 
@@ -82,7 +84,7 @@ labels:
     $ sudo systemctl restart fail2ban
     ```
 
- 4. Test the Fail2ban Jail
+4. Test the Fail2ban Jail
 
     To test that the jail is working correctly, try logging into Paperless with an incorrect username or password multiple times from a different IP address. After the fifth attempt, fail2ban should ban the IP address.