This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Secure Configuration Guide"
(→2. Web servers misconfiguration) |
(→3. Application servers misconfiguration) |
||
Line 29: | Line 29: | ||
== 3. Application servers misconfiguration == | == 3. Application servers misconfiguration == | ||
− | '''3.1. Apache Tomcat''' | + | '''[[SCG_AS_Tomcat|3.1. Apache Tomcat]]''' |
− | '''3.2. Borland Enterprise Server''' | + | '''[[SCG_AS_Borland|3.2. Borland Enterprise Server]]''' |
− | '''3.3. ColdFusion''' | + | '''[[SCG_AS_ColdFusion|3.3. ColdFusion]]''' |
− | '''3.4. IBM WebSphere Application Server''' | + | '''[[SCG_AS_WebSphere|3.4. IBM WebSphere Application Server]]''' |
− | '''3.5. JBoss Enterprise Application Platform''' | + | '''[[SCG_AS_JBoss|3.5. JBoss Enterprise Application Platform]]''' |
− | '''3.6. Jetty''' | + | '''[[SCG_AS_Jetty|3.6. Jetty]]''' |
− | '''3.7. SAP NetWeaver Application Server''' | + | '''[[SCG_AS_NetWeaver|3.7. SAP NetWeaver Application Server]]''' |
− | '''3.8. Oracle Application Server''' | + | '''[[SCG_AS_Oracle|3.8. Oracle Application Server]]''' |
− | '''3.9. Oracle WebLogic Server | + | '''[[SCG_AS_WebLogic|3.9. Oracle WebLogic Server]]''' |
− | |||
− | |||
+ | '''[[SCG_AS_GlassFish|3.10. Oracle GlassFish Server]]''' | ||
== 4. Web frameworks misconfiguration == | == 4. Web frameworks misconfiguration == |
Revision as of 09:13, 4 December 2014
Welcome on the page of Secure Configuration Guide!
Project description is available here: https://www.owasp.org/index.php/OWASP_Secure_Configuration_Guide
Table of Contents
1. Introduction
1.1. The OWASP Secure Configuration Guide
1.2. Misconfiguration. Defender's point
1.3. Misconfiguration. Attacker's point
2. Web servers misconfiguration
3. Application servers misconfiguration
3.2. Borland Enterprise Server
3.4. IBM WebSphere Application Server
3.5. JBoss Enterprise Application Platform
3.7. SAP NetWeaver Application Server
3.8. Oracle Application Server
4. Web frameworks misconfiguration
4.1. Apache Struts
4.2. ASP.NET
4.3. CakePHP
4.4. CodeIgniter
4.5. Django
4.6. Lithium
4.7. Ruby on Rails
4.8. Spring
4.9. Symfony
4.10. Zend
5. CMS misconfiguration
5.1. Bitrix
5.2. Drupal
5.3. Joomla
5.4. Magento
5.5. OpenCart
5.6. phpBB
5.7. Shopify
5.8. TYPO3
5.9. vBulletin
5.10. Wordpress
6. Crypto misconfiguration
6.1 to be complemented later
7. Services
7.1 to be complemented later
8. Devices
8.1. Routers
8.2. Firewalls
8.3. to be complemented later