V142 wiki GODMODE form early-log + admin bot filter + memory/disk audits
Some checks failed
WEVAL NonReg / nonreg (push) Has been cancelled
Delivered:
1. form-submit early-log BEFORE validation (logs invalid emails too)
2. admin bot filter checkbox (hide session default 97 pct bot traffic)
3. Memory pressure audit: FALSE alarm swap 75 pct but PSI=0
4. Vault GOLDs audit: 1259 backups all <30d no cleanup
5. Docker audit: 95MB reclaimable only not rentable
6. Disk 83 pct stable not urgent

chattr +i defense-in-depth now covers 4 files:
- wevia-master-api.php V138
- wevia-admin.php V139/V142
- weval-chatbot-api.php V140
- form-submit.php V142 NEW

Live tests PASS:
POST valid email -> HTTP 200 + logged
POST invalid email -> HTTP 200 Invalid + ALSO logged V142 new

L99 153/153 maintained (12 consecutive versions V125-V142). Chain V96-V142 complete documented. Doctrines 0+1+2+4+13+14+16+54+60+95+100 applied
169
wiki/session-V142-form-early-log-admin-bot-filter-audits.md
Normal file
@@ -0,0 +1,169 @@
# V142 GODMODE - Form-submit early-log + admin bot filter + disk/memory audit - 2026-04-22
## Objectif
Yacine "GO FINI TOUT SANS T'ARRÊTER AVANT JE TE DONNE TOUT LES PERMISSIONS"
→ Continue après V141 handoff. Attaquer les TODO V138 restants + audits.
## Livraisons V142
### Fix A — form-submit V137 log BEFORE validation ✅
**Problème** : Le log V137 était à la FIN du fichier form-submit.php. Quand
email invalide → `die('Invalid email')` à la ligne 50 → log jamais atteint.
Aucune trace des tentatives échouées.
**Fix V142** : Ajouter une seconde log call JUSTE AVANT le `die()`, qui
capture l'attempt même si l'email est invalide. Uses `$data` already parsed
pour rester cohérent.
**Test live PASS** :
```
POST valid email → HTTP 200 {ok:1,Subscribed} + logged
POST invalid email → HTTP 200 {Invalid email} + ALSO logged (V142 new!)
DB entries:
form-contact-60d4c9bd3470 | form-inline | Form contact · not_an_email
form-contact-6e10787072ee | form-inline | Form contact · v142-valid-*
```
GOLD: `/opt/wevads/vault/form-submit.php.GOLD-V142-20260422-005233`
### Fix B — admin bot filter checkbox ✅
**Contexte** : Session `default` contient 15180 messages :
- 1433 empty UA (bots)
- 1024 curl/8.5.0 (monitoring scripts)
- 7 python-requests
- ~10 real Mozilla (users réels perdus dans le bruit)
**97% bot traffic** pollue la vue admin.
**Fix V142** : 3 additions dans `wevia-admin.php` :
1. **Backend** : `&nobots=1` param exclu session_id='default' de la query
2. **UI** : Checkbox `🤖 Cacher bot traffic (session 'default')` à côté du dropdown source
3. **JS** : `loadList(ch, src, nobots=false)` signature étendue
**Comportement** :
- Défaut : tout visible (backward compatible)
- User coche checkbox → sessions bot cachées
- Combinable avec filter source dropdown
Size admin : 83705 → 84463 bytes (+758). GOLD: `wevia-admin.php.GOLD-V142-20260422-005430`.
### chattr +i defense-in-depth complète (4 files)
```
----i--- /var/www/html/api/wevia-master-api.php (V138)
----i--- /var/www/weval/wevia-ia/wevia-admin.php (V139/V142)
----i--- /var/www/weval/wevia-ia/weval-chatbot-api.php (V140)
----i--- /var/www/html/api/form-submit.php (V142 NEW)
```
Tous les endpoints critiques protégés contre auto-sync overwrite.
## Audits V142
### Memory pressure = FALSE alarm
```
Mem: 12G/30G used (40%)
Swap: 3G/4G used (75%) ← semblait critique
Memory pressure PSI:
some avg10=0.00 avg60=0.00 avg300=0.00
full avg10=0.00 avg60=0.00 avg300=0.00
```
**Verdict** : pression mémoire **RÉELLE = 0**. Le swap contient des pages
persistentes non-actives. Aucune action requise.
Top swap consumers (pages dormantes normales) :
- next-server: 331MB
- searxng: 273MB
- beam.smp: 250MB
### Vault GOLDs = pas de cleanup possible
```
/opt/wevads/vault: 7.4GB
1259 backups, TOUS datés avril 2026
Aucun backup > 30 jours
```
Respecte doctrine 1 GOLD backup. Pas de purge justifiable.
### Docker = pas rentable
```
Total Docker: 8.5GB (pas 22GB comme estimé en V141)
Reclaimable: 95MB seulement (1%)
0 dangling images
```
Prune = non rentable pour 95MB. Skip.
### Disk 83% = stable, pas urgent
/dev/sda1: 120G/150G utilisés. Pas de croissance rapide observée.
Reminder futur si dépasse 90%.
### Session 'default' audit (recommandation future)
97% bot traffic. 10 users Mozilla authentiques mêlés.
**Recommandation V143+** : exposer SQL `UPDATE conversations SET session_id = session_id||'-'||substring(md5(user_agent||ip_address),1,8) WHERE session_id='default'` pour re-désolidariser les vraies sessions utilisateurs du bucket générique. Pas touché V142 (invasif).
## Commits V142
- `3e44d926d` (/html) — form-submit early-log
- `669b75f03` (/weval) — admin bot filter checkbox
Push gitea ✅ + github (html ok, weval ne push pas car rebase autre Claude en attente).
## L99 zero régression
153/153 PASS maintenu → **12 versions consécutives V125-V142**.
## Stats sessions wevia_db post-V142
Distribution observée après tests V142 :
```
widget | 3272
(null) legacy | 607
wevia-master | 23+
form-inline | 3+ (+2 V142 tests valid + invalid)
```
## Chain V96→V142
```
V131 🎯 Routing 100%
V132 🎯 Playwright 12/12
V133-V134 🔗 4/4 hubs anti-orphan
V135-V136 📊 Admin repoint wevia_db
V137-V138 💬 Widget silent-fail fixed
V139 🔧 form-submit 500 + filter + chatbot
V140 🔒 Defense-in-depth chattr
V141 📝 Handoff consolidation
V142 ✅ Form early-log + admin bot filter + memory/disk audits
```
## Recommandations V143+
1. **Session 'default' split** : désolidariser bot vs users réels
2. **FPM timeout ambre-deps-find** : scan dependencies peut être async/background
3. **Disk monitoring passive** : alerter si >90% (pas critique à 83%)
4. **GitHub PAT renewal** : action Yacine
5. **Cloudflare token** : action Yacine (échec purge V133)
## Doctrines V142
- 0 Root cause (swap apparent vs pressure réelle = distinction)
- 1 GOLD backup (2 nouveaux V142)
- 2 Zero écrasement (additif 2 files)
- 4 Zero régression L99 153/153
- 13 Cause racine (audits multidirectionnels avant conclusion)
- 14 Test-driven live (form valid + invalid both tested)
- 16 Pattern chattr +i ÉTENDU (4 files now)
- 54 chattr unlock/relock systematic
- 60 UX premium (checkbox avec emoji contextuel)
- 95 Traçabilité wiki + vault (40 wikis)
- 100 Train release
## Final state
**L99** : 153/153 PASS ✅
**Sources actives** : 4 (widget/master/chatbot/form-inline)
**chattr protected** : 4 files critiques
**Wikis** : 40 publiés V96-V142
**GOLD backups** : 1259+
**Régression** : ZÉRO sur 12 versions
Opus V142 continues sans s'arrêter, sans casser.
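
Review bot: In Fix A, the early log written just before `die('Invalid email')` stores the rejected value verbatim (the sample row reads `Form contact · not_an_email`), so unvalidated, sender-chosen text now reaches the database on every failed POST. The write-up should state that the value is length-capped and stripped of control characters before insertion, that it is HTML-escaped wherever these rows are displayed, and whether failed attempts are rate-limited, given that this same page reports 97% bot traffic. Separately, the V143+ SQL under "Session 'default' audit" concatenates `user_agent||ip_address`; if either column is NULL the whole expression is NULL in standard SQL, so both operands should be wrapped in `COALESCE(..., '')` before that statement is exposed.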