Add new diagrams and image zooming plugin

Author: AlteredCoder

crowdsec-docs/docs/appsec/intro.md

@@ -12,27 +12,28 @@ Meet the Crowdsec **Application Security Component** (AKA : **AppSec Component**
 
 The **AppSec Component** offers:
 
-- Low-effort **virtual patching** capabilities.
-- Support for your legacy **ModSecurity** rules.
-- Combining classic WAF benefits with advanced CrowdSec features for otherwise difficult **advanced behavior detection**.
-- **Full integration** with the Crowdsec software stack, including the console and remediation components.
+-   Low-effort **virtual patching** capabilities.
+-   Support for your legacy **ModSecurity** rules.
+-   Combining classic WAF benefits with advanced CrowdSec features for otherwise difficult **advanced behavior detection**.
+-   **Full integration** with the Crowdsec software stack, including the console and remediation components.
 
 <!-- xx :  links -->
 
 This component capitalizes on existing remediation functions in web servers (such as Nginx, Traefik, Haproxy, etc.) to provide web application firewall capabilities.
 
-![appsec-global](/img/appsec-global.png)
+![appsec-global](/img/appsec-global.svg)
 
-1) The Web Server receives the HTTP request
-2) The HTTP Request is intercepted and passed to the Crowdsec Security Engine via [the HTTP API](/appsec/protocol.md)
-3) The Security Engine answers to the Web Server once the Appsec inband rules have been processed.
-4) Based on the [Security Engine answer](/appsec/protocol#response-code), the Web Server either blocks the HTTP Request or processes it as usual
+1. The Web Server receives the HTTP request
+2. The HTTP Request is intercepted and passed to the Crowdsec Security Engine via [the HTTP API](/appsec/protocol.md)
+3. The Security Engine answers to the Web Server once the Appsec inband rules have been processed.
+4. Based on the [Security Engine answer](/appsec/protocol#response-code), the Web Server either blocks the HTTP Request or processes it as usual
 
 ## Inband Rules and Out-Of-Band Rules
 
 The AppSec component relies on rules to inspect HTTP Requests:
- - Inband rules are meant to interrupt request processing
- - Out-Of-Band rules are non-blocking and are evaluated asynchronously
+
+-   Inband rules are meant to interrupt request processing
+-   Out-Of-Band rules are non-blocking and are evaluated asynchronously
 
 ### Inband rule processing
 
@@ -54,18 +55,18 @@ They are usually meant to detect unwanted behaviors that exhibit a repetitive as
 
 When a request triggers one or more rules, either in the inband section (blocking) or out-of-band (non-blocking), several things happen:
 
-- Inband (blocking) rules will appear in your `cscli alerts list` (and thus in your [console dashboard](https://app.crowdsec.net)).
-- Inband and Out-Of-Band rules will trigger an internal crowdsec event that can be treated as any log lines.
+-   Inband (blocking) rules will appear in your `cscli alerts list` (and thus in your [console dashboard](https://app.crowdsec.net)).
+-   Inband and Out-Of-Band rules will trigger an internal crowdsec event that can be treated as any log lines.
 
 This is meant to allow for scenarios to exploit the WAF rules events, such as blocking for a longer time an IP that clearly engages in malevolent activities, triggering several virtual patching rules.
 
 ## Next steps
 
 Let's now start using this AppSec capabilities:
 
-- **Installation**: [How to configure the Application Security Component with an existing remediation component](/appsec/installation.md)
-- **Rules**: [How to read, write and debug rules](/appsec/rules_syntax.md)
-- **Scenarios**: [How to create scenarios that leverage the AppSec Component events](#TODO)
-- **Hooks**: [For advanced use let's talk about possible Hooks](/appsec/hooks.md)
-- **Troubleshoot**: [How to troubleshoot the behavior of the AppSec Component](/appsec/troubleshooting.md)
-- **AppSec Protocol**: [if you're maintaining or creating a remedation component and want to add the AppSec capabilities](/appsec/protocol.md)
+-   **Installation**: [How to configure the Application Security Component with an existing remediation component](/appsec/installation.md)
+-   **Rules**: [How to read, write and debug rules](/appsec/rules_syntax.md)
+-   **Scenarios**: [How to create scenarios that leverage the AppSec Component events](#TODO)
+-   **Hooks**: [For advanced use let's talk about possible Hooks](/appsec/hooks.md)
+-   **Troubleshoot**: [How to troubleshoot the behavior of the AppSec Component](/appsec/troubleshooting.md)
+-   **AppSec Protocol**: [if you're maintaining or creating a remedation component and want to add the AppSec capabilities](/appsec/protocol.md)

crowdsec-docs/docs/intro.mdx

@@ -3,94 +3,81 @@ title: Introduction
 id: intro
 ---
 
-
-import useBaseUrl from '@docusaurus/useBaseUrl';
-import AcademyPromo from '@site/src/components/AcademyPromo';
-
-<!-- @tko
-
- - replace the image with a gif 
- - edit the image to have the same background color
- - add the cool miniature for the console
-
--->
+import useBaseUrl from "@docusaurus/useBaseUrl"
+import AcademyPromo from "@site/src/components/AcademyPromo"
 
 # Security Engine Overview
 
-The [CrowdSec Security Engine](https://github.com/crowdsecurity/crowdsec) is an open-source, lightweight software that detects and blocks malicious actors from accessing your systems at various levels, using log and HTTP Requests analysis with threat patterns called scenarios. 
+The [CrowdSec Security Engine](https://github.com/crowdsecurity/crowdsec) is an open-source, lightweight software that detects and blocks malicious actors from accessing your systems at various levels, using log and HTTP Requests analysis with threat patterns called scenarios.
 
 CrowdSec is a modular security tool offering [behavior-based detection](https://app.crowdsec.net/hub/collections), including [AppSec rules](https://app.crowdsec.net/hub/appsec-rules), and optional components to block threats called [Remediation Components](https://app.crowdsec.net/hub/bouncers)
 
-&nbsp;
-&nbsp;
-<div style={{display: 'flex'}}>
-    <div style={{textAlign: 'center', flex: '1'}}>
-    <img width="800" height="auto" src={useBaseUrl('/img/simplified_SE_overview.png')} />
+<div style={{ display: "flex" }}>
+    <div style={{ textAlign: "center", flex: "1" }}>
+        <img
+            width="auto"
+            height="auto"
+            src={useBaseUrl("/img/simplified_SE_overview.svg")}
+        />
     </div>
 </div>
-&nbsp;
-&nbsp;
+&nbsp; &nbsp;
 
 The crowd-sourced aspect allows the sharing of attacks they detected and blocked. Participants of this crowd-sourced threat intel receive, automatically via the security engine, a curated list of validated attackers (community blocklist) enhancing their real-time protection capabilities by taking preemptive actions against known threats.
 
-
-
 ## Main Features
 
 In addition to the core "detect and react" mechanism, CrowdSec is committed to several other key aspects:
 
-- **Easy Installation**: Effortless out-of-the-box installation on all [supported platforms](/getting_started/versions_matrix.md).
-- **Simplified Daily Operations**: You have access to our Web UI administration via [CrowdSec's console](http://app.crowdsec.net) or the powerful [Command line tool cscli](/cscli/cscli.md) for effortless maintenance and keeping your detection mechanisms up-to-date. 
-- **Reproducibility**: The Security Engine can analyze not only live logs but also [cold logs](/u/user_guides/replay_mode), making it easier to detect potential false triggers, conduct forensic analysis, or generate reports.
-- **Versatile**: The Security Engine can analyze [system logs](/docs/data_sources/intro) and [HTTP Requests](/docs/next/appsec/intro) to exhaustively protect your perimeter.
-- **Observability**: Providing valuable insights into the system's activity:
-    - Users can view/manage alerts from the ([Console](https://app.crowdsec.net/signup)).
-    - Operations personnel have access to detailed Prometheus metrics ([Prometheus](/observability/prometheus.md)).
-    - Administrators can utilize a user-friendly command-line interface tool ([cscli](/observability/cscli.md)).
-- **API-Centric**: All components communicate via an [HTTP API](/local_api/intro.md), facilitating multi-machine setups.
-
+-   **Easy Installation**: Effortless out-of-the-box installation on all [supported platforms](/getting_started/versions_matrix.md).
+-   **Simplified Daily Operations**: You have access to our Web UI administration via [CrowdSec's console](http://app.crowdsec.net) or the powerful [Command line tool cscli](/cscli/cscli.md) for effortless maintenance and keeping your detection mechanisms up-to-date.
+-   **Reproducibility**: The Security Engine can analyze not only live logs but also [cold logs](/u/user_guides/replay_mode), making it easier to detect potential false triggers, conduct forensic analysis, or generate reports.
+-   **Versatile**: The Security Engine can analyze [system logs](/docs/data_sources/intro) and [HTTP Requests](/docs/next/appsec/intro) to exhaustively protect your perimeter.
+-   **Observability**: Providing valuable insights into the system's activity:
+    -   Users can view/manage alerts from the ([Console](https://app.crowdsec.net/signup)).
+    -   Operations personnel have access to detailed Prometheus metrics ([Prometheus](/observability/prometheus.md)).
+    -   Administrators can utilize a user-friendly command-line interface tool ([cscli](/observability/cscli.md)).
+-   **API-Centric**: All components communicate via an [HTTP API](/local_api/intro.md), facilitating multi-machine setups.
 
 ## Architecture
 
-<div style={{display: 'flex'}}>
-    <div style={{textAlign: 'center', flex: '1'}}>
-    <img src={useBaseUrl('/img/simplified_SE_underthehood.png')}></img>
+<div style={{ display: "flex" }}>
+    <div style={{ textAlign: "center", flex: "1" }}>
+        <img src={useBaseUrl("/img/simplified_SE_underthehood.svg")}></img>
     </div>
 </div>
 
 Under the hood, the Security Engine has various components:
- 
- - The Log Processor is in charge of detection: it analyzes logs from [various data sources](/docs/data_sources/intro) or [HTTP requests](/appsec/intro.md) from web servers.
- - The [Appsec](/appsec/intro.md) feature is part of the Log Processor and filters HTTP Requests from the compatible web servers. 
- - The [Local API](/local_api/intro.md) acts as a middle man:
-    - Between the [Log Processors](/docs/data_sources/intro) and the [Remediation Components](/u/bouncers/intro) which are in charge of enforcing decisions.
-    - And with the [Central API](/central_api/intro.md) to share alerts and receive blocklists.
- - The [Remediation Components](/u/bouncers/intro) - also known as bouncers - block malicious IPs at your chosen level—whether via IpTables, firewalls, web servers, or reverse proxies. [See the full list on our CrowdSec Hub.](https://app.crowdsec.net/hub/remediation-components)
+
+-   The Log Processor is in charge of detection: it analyzes logs from [various data sources](/docs/data_sources/intro) or [HTTP requests](/appsec/intro.md) from web servers.
+-   The [Appsec](/appsec/intro.md) feature is part of the Log Processor and filters HTTP Requests from the compatible web servers.
+-   The [Local API](/local_api/intro.md) acts as a middle man:
+    -   Between the [Log Processors](/docs/data_sources/intro) and the [Remediation Components](/u/bouncers/intro) which are in charge of enforcing decisions.
+    -   And with the [Central API](/central_api/intro.md) to share alerts and receive blocklists.
+-   The [Remediation Components](/u/bouncers/intro) - also known as bouncers - block malicious IPs at your chosen level—whether via IpTables, firewalls, web servers, or reverse proxies. [See the full list on our CrowdSec Hub.](https://app.crowdsec.net/hub/remediation-components)
 
 ## Deployment options
 
 This architecture allows for both simple/standalone setups, or more distributed ones including as illustrated below:
 
- - One or more machines? Run crowdsec on each (alongside with a remediation component)
- - Already have a log pit (such as rsyslog or loki)? Run crowdsec next to it, not on the production workloads
- - Running Kubernetes? Have a look at [our helm chart](/u/getting_started/installation/kubernetes)
- - Running containers? The [docker data source](/docs/data_sources/docker) might be what you need
- - Just looking for a WAF? Look at [our quickstart](/appsec/intro.md)
+-   One or more machines? Run crowdsec on each (alongside with a remediation component)
+-   Already have a log pit (such as rsyslog or loki)? Run crowdsec next to it, not on the production workloads
+-   Running Kubernetes? Have a look at [our helm chart](/u/getting_started/installation/kubernetes)
+-   Running containers? The [docker data source](/docs/data_sources/docker) might be what you need
+-   Just looking for a WAF? Look at [our quickstart](/appsec/intro.md)
 
 Distributed architecture example:
 
-<div style={{display: 'flex'}}>
-    <div style={{textAlign: 'center', flex: '1'}}>
-    <img src={useBaseUrl('/img/distributed_SE_setup.png')}></img>
+<div style={{ display: "flex" }}>
+    <div style={{ textAlign: "center", flex: "1" }}>
+        <img src={useBaseUrl("/img/distributed_SE_setup.svg")}></img>
     </div>
 </div>
 
-
-
 <AcademyPromo
-  image="crowdsec_fundamentals.svg"
-  description="Watch a short series of videos on how to install CrowdSec and protect your infrastructure"
-  title="More ways to learn"
-  course="crowdsec-fundamentals"
-  utm="?utm_source=docs&utm_medium=banner&utm_campaign=intro-page&utm_id=academydocs"
-/>
+    image="crowdsec_fundamentals.svg"
+    description="Watch a short series of videos on how to install CrowdSec and protect your infrastructure"
+    title="More ways to learn"
+    course="crowdsec-fundamentals"
+    utm="?utm_source=docs&utm_medium=banner&utm_campaign=intro-page&utm_id=academydocs"
+/>

crowdsec-docs/docusaurus.config.js

@@ -83,6 +83,14 @@ module.exports = {
             indexName: "crowdsec",
             contextualSearch: true,
         },
+        zooming: {
+            selector: '.markdown img',
+            delay: 500,
+            background: {
+            light: 'rgba(101,108,133,0.8)',
+            dark: 'rgba(9,10,17,0.8)'
+            },
+        },
         navbar: {
             items: [],
         },
@@ -264,6 +272,7 @@ module.exports = {
         ],
     ],
     plugins: [
+        "docusaurus-plugin-zooming",
         [
             "@docusaurus/plugin-content-docs",
             {

crowdsec-docs/package-lock.json

@@ -28,6 +28,7 @@
     "@mui/material": "^5.13.4",
     "@mui/x-date-pickers": "^6.18.0",
     "clsx": "^2.0.0",
+    "docusaurus-plugin-zooming": "^1.0.0",
     "material-react-table": "^2.0.2",
     "prism-react-renderer": "^2.1.0",
     "react": "^18.2.0",