You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Thanks for contributing to the Selenium site and documentation! A PR well described will help maintainers to review and merge it quickly
Before submitting your PR, please check our contributing guidelines.
Avoid large PRs, and help reviewers by making them as simple and short as possible.
Add blog post about SeleniumGreed attack and reminding people to secure their grid
Description
Motivation and Context
Types of changes
Change to the site (I have double-checked the Netlify deployment, and my changes look good)
Code example added (and I also added the example to all translated languages)
Improved translation
Added new translation (and I also added a notice to each document missing translation)
-please come into our [chat rooms](https://www.selenium.dev/support/#ChatRoom) and we will try guide you through making your grid more secure.+please come into our [chat rooms](https://www.selenium.dev/support/#ChatRoom) and we will try to guide you through making your grid more secure.
Apply this suggestion
Suggestion importance[1-10]: 9
Why: Correcting the grammatical error from "we will try guide you" to "we will try to guide you" significantly improves the professionalism and readability of the content. This is an important fix for maintaining the quality of the article.
9
Enhancement
Add a summary of the external report to provide immediate context within the article
To enhance the article's credibility and provide more context, consider adding a brief explanation or summary about the Wiz report directly in the blog post. This can help readers understand the significance of the report without having to leave the page.
-Wiz about an attack they have called [SeleniumGreed](https://www.wiz.io/blog/seleniumgreed-cryptomining-exploit-attack-flow-remediation-steps).+Wiz about an attack they have called [SeleniumGreed](https://www.wiz.io/blog/seleniumgreed-cryptomining-exploit-attack-flow-remediation-steps), which details how attackers exploit unsecured Selenium Grids to deploy crypto miners.
Apply this suggestion
Suggestion importance[1-10]: 8
Why: Adding a brief explanation about the Wiz report directly in the blog post enhances the article's credibility and provides immediate context, making it more informative for readers without requiring them to leave the page.
8
Refine the tags to improve content categorization and searchability
Consider using a more specific tag than "selenium" to help categorize the content more effectively. For instance, using "selenium-security" or "selenium-grid" could help readers find relevant security-related articles more easily.
Why: The suggestion to use more specific tags like "selenium-security" and "selenium-grid" helps in better categorizing the content and improving searchability for readers interested in security-related articles. This is a minor but useful enhancement.
7
Add a header image to enhance visual appeal and engagement
To make the article more engaging and visually appealing, consider adding a header image related to the topic of securing Selenium Grids. This could help draw in readers and make the post more memorable.
---
title: "Protecting unsecured Selenium Grids against SeleniumGreed"
linkTitle: "Protecting unsecured Selenium Grids"
date: 2024-07-31
tags: ["selenium"]
categories: ["general"]
author: David Burns [@automatedtester](https://www.linkedin.com/in/theautomatedtester/)
description: >
With an ongoing attack, called SeleniumGreed, on Selenium Grids, we recommend you keep your grid secure.
+image: url_to_an_appropriate_image
---
Apply this suggestion
Suggestion importance[1-10]: 6
Why: Adding a header image can make the article more engaging and visually appealing, which can help draw in readers. However, this is a minor enhancement and not crucial to the content's effectiveness.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
qodo-merge-pro
bot
added
documentation
User description
Thanks for contributing to the Selenium site and documentation!
A PR well described will help maintainers to review and merge it quickly
Before submitting your PR, please check our contributing guidelines.
Avoid large PRs, and help reviewers by making them as simple and short as possible.
Add blog post about SeleniumGreed attack and reminding people to secure their grid
Description
Motivation and Context
Types of changes
Checklist
PR Type
Documentation
Description
Changes walkthrough 📝
protecting-unsecured-selenium-grid.md
New blog post on protecting Selenium Grids from SeleniumGreedwebsite_and_docs/content/blog/2024/protecting-unsecured-selenium-grid.md
SeleniumGreed attack.
upgrading versions and using cloud providers.