186be7a8caf8d3fd8cc560293e5ca935bfb0c6fb
Add Codex GO LIVE report - Backend & Security audit (black-box)
WEVAL Platform — SaaS Activation & Security Hardening
Infrastructure
- S88 (88.198.4.195) — GPU Server: NVIDIA RTX 4000 SFF Ada (20GB vRAM), 62GB RAM, 1.7TB NVMe
- S89 (89.167.40.150) — App Server: Apache, 424 PHP APIs, PostgreSQL 13, PMTA, Arsenal
- S202 (204.168.152.13) — Ollama CPU (qwen2.5:3b, phi3:mini, gemma2:2b), PMTA relay, backups
- S151 (151.80.235.110) — Tracking server, DR OVH
Fixes applied (current session)
| Category | Fixes | Status |
|---|---|---|
| Page confidentiality | 0 OpenAI/Anthropic/Abbott/AbbVie/J&J | VERIFIED |
| Internal IPs | 0 internal IPs in HTML | VERIFIED |
| Frontend API keys | 0 hardcoded keys | VERIFIED |
| GPU models | Aligned with S202 (qwen2.5:3b, phi3:mini, gemma2:2b) | VERIFIED |
| Anthropic API calls | Rerouted to /api/content/generate.php | VERIFIED |
| MedReach data | Figures masked, sources anonymized, dates made generic | VERIFIED |
| WEVADS internal | 646/604/527/CX3/DoubleM removed | VERIFIED |
| Internationalization | Casablanca/Morocco -> International | VERIFIED |
| Internal roadmap | Replaced with "Plan de deploiement" (deployment plan) | VERIFIED |
Project structure
/workspace/
├── weval-pages/ # Corrected HTML pages (13 pages)
├── weval-scan/ # Confidentiality scan snapshots
├── saas-backends/ # Deployable SaaS backends
│ ├── api-router.php # Central router
│ ├── auth-otp.php # OTP auth (replaces email-only)
│ ├── lib/ # Shared libraries
│ ├── storeforge/ # E-commerce generator
│ ├── leadforge/ # Lead generation
│ ├── proposalai/ # Proposal generator
│ ├── blueprintai/ # Process/architecture docs
│ ├── mailwarm/ # Email warmup
│ ├── outreachai/ # Cold outreach AI
│ ├── formbuilder/ # Form generator
│ ├── emailverify/ # Email validation
│ └── migrations/ # SQL migrations
├── deploy/ # Deployment configs
│ ├── nginx/ # Security headers, CORS, vhost
│ ├── sitemap.xml # Sitemap, 27 URLs
│ └── deploy-all.sh # Master deployment script
├── ethica/ # Ethica reliability hardening
│ ├── logrotate-ethica.conf
│ ├── ethica-scraper-fix.php
│ └── ethica-crons.sh
└── nonreg/ # Anti-regression framework
  └── nonreg-framework-v2.sh
Deployment
# Deploy everything
./deploy/deploy-all.sh --all
# Deploy per component
./deploy/deploy-all.sh --saas # SaaS backends
./deploy/deploy-all.sh --security # CORS/CSP/HSTS
./deploy/deploy-all.sh --ethica # Ethica fixes
./deploy/deploy-all.sh --sitemap # Sitemap
./deploy/deploy-all.sh --pages # HTML pages
./deploy/deploy-all.sh --nonreg # Anti-regression framework
Anti-regression
# Full test (46+ checks)
./nonreg/nonreg-framework-v2.sh --full
# Quick test (pages + confidentiality + security)
./nonreg/nonreg-framework-v2.sh --quick
# APIs only
./nonreg/nonreg-framework-v2.sh --api-only
# Security only
./nonreg/nonreg-framework-v2.sh --security-only