Jdv interactive se install v0 #787
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
added 11 commits
June 10, 2025 15:13
rr404
force-pushed
the
jdv-interactive-se-install-v0
branch
from
ba7d90f to
afb6496
Compare
rr404
force-pushed
the
jdv-interactive-se-install-v0
branch
from
afddcac to
88d3a4d
Compare
added 10 commits
June 10, 2025 17:26
buixor
reviewed
Jun 13, 2025
| ### Test HTTP detection | ||
|
|
||
| For this test, you'll add the following path to a URL of a website you're protecting: `/CRODWSEC/TEST` | ||
| _*// Any issue possible with .htaccess that would rewrite before this path reaches the log? – **Yes, this is a valid concern. Add a note: "Important: Ensure your web server configuration (e.g., .htaccess) does not rewrite or block this specific URL path `/CRODWSEC/TEST`."***_ |
There was a problem hiding this comment.
- show the user how to do it with curl
- mention that if the test is done from a private IP you won't see it appear
buixor
reviewed
Jun 13, 2025
| ### Test SSH detection | ||
|
|
||
| Try to authenticate to your server via SSH using the following user: `ABCDEFGH123456`. | ||
| Looking at your alerts for the specific scenario **crowdsec/test-ssh**, you should see a line related to your test. |
There was a problem hiding this comment.
- show the user the command to run
buixor
reviewed
Jun 13, 2025
| ### Test AppSec detection | ||
|
|
||
| If you are using an AppSec-capable bouncer and have configured CrowdSec WAF, you can test it by [insert specific instructions based on typical AppSec setup; see notes below]. | ||
| _[**Important Notes for AppSec Test:** The specific test and instructions here are heavily dependent on the WAF/bouncer being used (nginx-bouncer, cloudflare-bouncer, etc.) and the specific AppSec rules enabled. You need a generic but useful example. Suggestions:* |
buixor
reviewed
Jun 13, 2025
|
|
||
| ## Remediation checks | ||
|
|
||
| * Canary tester |
There was a problem hiding this comment.
suggest the user to ban himself for a minute ?
buixor
reviewed
Jun 13, 2025
| ## 🚨 Detection Troubleshooting | ||
| *No alerts triggered? Let's investigate: Here are some tests to identify where the issue might be.* | ||
|
|
||
| <details> |
There was a problem hiding this comment.
I would suggest first doing cscli metrics show acquisition and add a screenshot showcasing expected behavior and faulty behavior. The cscli metrics show parsers would come later as a further investigation if needed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Product Brief specs : https://app.clickup.com/2421256/v/dc/29wg8-28015/29wg8-40555
Health check step part of install guide:
https://pr-787.d1to60jd2gb6y6.amplifyapp.com/u/getting_started/health_check/
interractive guide test (will not be in final version of PR)
https://pr-787.d1to60jd2gb6y6.amplifyapp.com/u/user_guides/interactive_se_install/se_install_01/
First rought draft 75% complete
[ ] Need to clean up instructions (mainly explanations and linking to existing doc for now)
[ ] Need additional trouble shooting from reviewers
[ ] Need to choose basic markdown for first ugly but acceptable form of the pages
[ ] add progress bar in header (hard coded)
[ ] (optional) add real checkboxes triggering NEXT STEP green light
[ ] Make guick guides more uniform (remove remediation install or add high level hint for all and leave the command line for linux
[ ] flatten post install steps + add labels to steps (recommended/optionnal)
[ ] remove troubleshooting ? or make it regroup all trouble shootings ?