docs: add Fastly snippets and security features documentation; update…#2305
Open
Renaud Hager (renaudhager) wants to merge 5 commits into
Open
docs: add Fastly snippets and security features documentation; update…#2305Renaud Hager (renaudhager) wants to merge 5 commits into
Renaud Hager (renaudhager) wants to merge 5 commits into
Conversation
… application YAML and PHP settings sections
Contributor
There was a problem hiding this comment.
Pull request overview
This PR expands the Shopware PaaS Native documentation around Fastly (CDN snippets + security/WAF) and PHP configuration, and updates the application.yaml reference to include PHP extensions.
Changes:
- Added new docs pages for Fastly snippet management and for default security features (WAF).
- Updated Fastly CDN docs to link to the snippets page and clarify the two Fastly services (
storefrontvscdn). - Added a new PHP settings page and extended the
application.yamldocumentation with anapp.php.extensionsfield and examples.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| products/paas/shopware/fundamentals/php-settings.md | New page documenting PHP configuration via environment variables. |
| products/paas/shopware/fundamentals/application-yaml.md | Documents app.php.extensions and adds examples to the YAML reference. |
| products/paas/shopware/cdn/security-features.md | New page describing the default WAF/security features. |
| products/paas/shopware/cdn/index.md | Clarifies Fastly integration and introduces the two-service model. |
| products/paas/shopware/cdn/fastly-snippets.md | New page describing how to deploy Fastly snippets for the storefront service. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+19
to
+23
| # Note: | ||
|
|
||
| We recommand to modify the following ones: | ||
|
|
||
| - `PHP_SESSION_HANDLER`: this natively manage by our automation, no should update be required for this. No newline at end of file |
Comment on lines
+20
to
+22
| ## Limitation | ||
|
|
||
| For now only the snippets for the `storefront` service can be configured. We are working on provided a unified experience in regard to snippet management for both services (`storefront` and `cdn`) |
Comment on lines
+13
to
+19
| Shopware PaaS Native provided as a standard a WAF powered by Fastly [NGWAF](https://docs.fastly.com/products/fastly-next-gen-waf). The default feature set is based on the `Core` feature set of the NGWAF. | ||
|
|
||
| This provide by default a protection against OWASP top 10 categories. | ||
|
|
||
| Nothing needs to be done on the customer, this is automatically enabled and configured for every application. | ||
|
|
||
| We have on our roadmap(no timeline at this stage), possibility to add more addons from the different feature set provided by Fastly. |
Comment on lines
+35
to
+36
| - storefront: Service that proxy the storefront and admin Shopware instances. | ||
| - cdn: Service that proxy all the CDN assets hosted on S3 (public bucket). |
| @@ -0,0 +1,22 @@ | |||
| --- | |||
| nav: | |||
| title: Fastly Snippet | |||
Contributor
|
Renaud Hager (@renaudhager) does this PR make this obsolete or should they be merged? |
Member
Author
Yes it does, thanks for flagging it. |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
| Among other parameters, you can configure the following using environment variables: | ||
|
|
||
| - `PHP_MAX_UPLOAD_SIZE`: upload_max_filesize | ||
| - `PHP_MAX_UPLOAD_SIZE`: post_max_size |
Comment on lines
+21
to
+23
| We recommend modifying the following ones: | ||
|
|
||
| - `PHP_SESSION_HANDLER`: This is natively managed by our automation, no update should be required for this. |
|
|
||
| Shopware PaaS Native includes a Web Application Firewall (WAF) by default, powered by Fastly [NGWAF](https://docs.fastly.com/products/fastly-next-gen-waf). The enabled default feature set is the NGWAF `Core` feature set. | ||
|
|
||
| This provide by default a protection against OWASP top 10 categories. |
Comment on lines
+15
to
+19
| This provide by default a protection against OWASP top 10 categories. | ||
|
|
||
| Nothing needs to be done on the customer, this is automatically enabled and configured for every application. | ||
|
|
||
| We have on our roadmap(no timeline at this stage), possibility to add more addons from the different feature set provided by Fastly. |
Comment on lines
+21
to
+30
| <!-- To be released soon | ||
| # DDOS protection | ||
|
|
||
| This section provides comprehensive information about the DDOS protection solution for Shopware PaaS Native. | ||
|
|
||
| ## Overview | ||
|
|
||
| This feature is a premium addons. It is powered by [Fastly DDOS Protection](https://www.fastly.com/products/ddos-protection). | ||
|
|
||
| Reach out to us to know more about this. --> |
| position: 43 | ||
| --- | ||
|
|
||
| # Overview |
| ## Storefront service | ||
|
|
||
| To deploy Fastly snippets for the `storefront` service, you need to install the following recipe: `shopware/fastly-meta`. | ||
| For more information about this recipe, please have a look [here](https://github.com/shopware/fastly-meta). |
Comment on lines
+20
to
+22
| ## Limitation | ||
|
|
||
| For now only the snippets for the `storefront` service can be configured. We are working on providing a unified experience in regard to snippet management for both services (`storefront` and `cdn`) |
| - Automatic cache invalidation mechanisms | ||
| - Soft purge capabilities to maintain performance during cache updates | ||
| - Deployment helper integration for seamless VCL snippet management | ||
| - Deployment helper integration for seamless VCL snippet management. See [here](../cdn/fastly-snippets.md) for more details. |
Comment on lines
+36
to
+37
| - storefront: Service that proxy the storefront and admin Shopware instances. | ||
| - cdn: Service that proxy all the CDN assets hosted on S3 (public bucket). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request adds new documentation and updates existing docs for Shopware PaaS Native, focusing on Fastly CDN configuration, security features, and PHP settings. The changes introduce dedicated pages for Fastly snippet management and security features (WAF), clarify Fastly service configuration, and provide improved guidance for PHP configuration in the application YAML and environment variables.
Fastly CDN and Security Documentation:
storefrontservice, including installation instructions and current limitations.storefrontandcdnFastly services.PHP Configuration Documentation: