docs(appsec): improve WAF doc and CTA #1039

Closed
buixor wants to merge 1 commit into main from claude/nostalgic-cerf

@buixor buixor commented Mar 6, 2026

Initiative 1 – In-context on HTTP bouncer guides:

  • nginx.mdx: add :::tip callout with 2-step WAF enable snippet + rework AppSec configuration section into a full step-by-step guide with test command
  • haproxy_spoa.mdx: add :::tip callout with 3-step WAF enable snippet linking to the HAProxy SPOA WAF quickstart
  • traefik.mdx: add :::tip callout showing the two YAML fields needed to enable AppSec in the Traefik middleware, linking to the Traefik WAF quickstart

Initiative 3 – "Aha!" moment in AppSec general quickstart:

  • Add "Attack Simulation — See the WAF in Action" section with three progressive tests: connectivity probe, .env block, SQL injection with Nikto user-agent; includes expected HTTP 403 output and cscli commands

Initiative 4 – Good/Better/Best protection profiles:

  • Add tabbed "Choose Your Protection Level" section (Strict / Balanced / Paranoid) with copy-paste cscli + acquis.yaml for each profile

Initiative 5 – Console visibility push:

  • Add "Monitor WAF alerts in the Console" sections in general.mdx and nginxopenresty.mdx with screenshot, enrollment link, and appsec tag explanation; add one-command CRS upgrade path in nginxopenresty.mdx

…ed quickstart UX

Initiative 1 – In-context upsell on HTTP bouncer guides:
- nginx.mdx: add :::tip callout with 2-step WAF enable snippet + rework
  AppSec configuration section into a full step-by-step guide with test command
- haproxy_spoa.mdx: add :::tip callout with 3-step WAF enable snippet
  linking to the HAProxy SPOA WAF quickstart
- traefik.mdx: add :::tip callout showing the two YAML fields needed to
  enable AppSec in the Traefik middleware, linking to the Traefik WAF quickstart

Initiative 3 – "Aha!" moment in AppSec general quickstart:
- Add "Attack Simulation — See the WAF in Action" section with three
  progressive tests: connectivity probe, .env block, SQL injection with
  Nikto user-agent; includes expected HTTP 403 output and cscli commands

Initiative 4 – Good/Better/Best protection profiles:
- Add tabbed "Choose Your Protection Level" section (Strict / Balanced /
  Paranoid) with copy-paste cscli + acquis.yaml for each profile

Initiative 5 – Console visibility push:
- Add "Monitor WAF alerts in the Console" sections in general.mdx and
  nginxopenresty.mdx with screenshot, enrollment link, and appsec tag
  explanation; add one-command CRS upgrade path in nginxopenresty.mdx

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

@aws-amplify-eu-west-1

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-1039.d1to60jd2gb6y6.amplifyapp.com

@buixor buixor closed this Mar 6, 2026