WEVAL Platform — SaaS Activation & Security Hardening
Infrastructure
- S88 (88.198.4.195) — GPU Server: NVIDIA RTX 4000 SFF Ada (20GB vRAM), 62GB RAM, 1.7TB NVMe
- S89 (89.167.40.150) — App Server: Apache, 424 APIs PHP, PostgreSQL 13, PMTA, Arsenal
- S202 (204.168.152.13) — Ollama CPU (qwen2.5:3b, phi3:mini, gemma2:2b), PMTA relay, backups
- S151 (151.80.235.110) — Tracking server, DR OVH
Corrections appliquees (session courante)
| Categorie | Corrections | Status |
|---|---|---|
| Confidentialite pages | 0 OpenAI/Anthropic/Abbott/AbbVie/J&J | VERIFIE |
| IPs internes | 0 IP interne dans HTML | VERIFIE |
| API keys frontend | 0 cle hardcodee | VERIFIE |
| Modeles GPU | Alignes sur S202 (qwen2.5:3b, phi3:mini, gemma2:2b) | VERIFIE |
| Anthropic API calls | Reroutes vers /api/content/generate.php | VERIFIE |
| MedReach data | Chiffres masques, sources anonymisees, dates generiques | VERIFIE |
| WEVADS interne | 646/604/527/CX3/DoubleM supprimes | VERIFIE |
| Internationalisation | Casablanca/Maroc -> International | VERIFIE |
| Roadmap interne | Remplace par "Plan de deploiement" | VERIFIE |
Structure du projet
/workspace/ ├── weval-pages/ # Pages HTML corrigees (13 pages) ├── weval-scan/ # Snapshots de scan confidentialite ├── saas-backends/ # Backends SaaS deployables │ ├── api-router.php # Routeur central │ ├── auth-otp.php # Auth OTP (remplace email-only) │ ├── lib/ # Librairies communes │ ├── storeforge/ # E-commerce generator │ ├── leadforge/ # Lead generation │ ├── proposalai/ # Proposal generator │ ├── blueprintai/ # Process/architecture docs │ ├── mailwarm/ # Email warmup │ ├── outreachai/ # Cold outreach AI │ ├── formbuilder/ # Form generator │ ├── emailverify/ # Email validation │ └── migrations/ # SQL migrations ├── deploy/ # Configs de deploiement │ ├── nginx/ # Security headers, CORS, vhost │ ├── sitemap.xml # Sitemap 27 URLs │ └── deploy-all.sh # Script de deploiement master ├── ethica/ # Ethica fiabilisation │ ├── logrotate-ethica.conf │ ├── ethica-scraper-fix.php │ └── ethica-crons.sh └── nonreg/ # Anti-regression framework └── nonreg-framework-v2.sh
Deploiement
# Tout deployer
./deploy/deploy-all.sh --all
# Deployer par composant
./deploy/deploy-all.sh --saas # SaaS backends
./deploy/deploy-all.sh --security # CORS/CSP/HSTS
./deploy/deploy-all.sh --ethica # Ethica fixes
./deploy/deploy-all.sh --sitemap # Sitemap
./deploy/deploy-all.sh --pages # HTML pages
./deploy/deploy-all.sh --nonreg # Anti-regression framework
Anti-regression
# Test complet (46+ checks)
./nonreg/nonreg-framework-v2.sh --full
# Test rapide (pages + confidentialite + securite)
./nonreg/nonreg-framework-v2.sh --quick
# APIs uniquement
./nonreg/nonreg-framework-v2.sh --api-only
# Securite uniquement
./nonreg/nonreg-framework-v2.sh --security-only