This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template Securing WebGoat using ModSecurity"

From OWASP
Jump to: navigation, search
(New page: {| style="width:100%" border="0" align="center" ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION''' |- | style="width:...)
 
Line 21: Line 21:
 
  | style="width:100%; background:#cccccc" align="center"|
 
  | style="width:100%; background:#cccccc" align="center"|
 
* (If appropriate, links to be added)
 
* (If appropriate, links to be added)
 +
|}
 +
{| style="width:100%" border="0" align="center"
 +
! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''RELATED PROJECTS'''
 +
|-
 +
| style="width:100%; background:#cccccc" align="center"|
 +
[[:Category:OWASP WebGoat Project|OWASP WebGoat Project]]
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
Line 26: Line 32:
 
  |-
 
  |-
 
  | style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]  
 
  | style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]  
  | style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#XXXXXXXXXXXXXXXXX|'''Sponsored Project/Guidelines/Roadmap''']]
+
  | style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications#Securing WebGoat using ModSecurity|'''Sponsored Project/Guidelines/Roadmap''']]
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
Line 38: Line 44:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''  
 
  | style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''  
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template Securing WebGoat using ModSecurity - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template Securing WebGoat using ModSecurity - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template Securing WebGoat using ModSecurity 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
 
  | style="width:22%; background:#C2C2C2" align="center"|X  
 
  | style="width:22%; background:#C2C2C2" align="center"|X  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''  
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''  
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Securing WebGoat using ModSecurity - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Securing WebGoat using ModSecurity - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Securing WebGoat using ModSecurity - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
  | style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
+
  | style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template Securing WebGoat using ModSecurity - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
 
  |-
 
  |-
 
  |}
 
  |}

Revision as of 11:34, 16 June 2008

PROJECT IDENTIFICATION
Project Name OWASP Securing WebGoat using ModSecurity Project
Short Project Description The purpose of this project is to create custom Modsecurity rulesets that, in addition to the Core Set, will protect WebGoat 5.1 from as many of its vulnerabilities as possible (the goal is 90%) without changing one line of source code. To ensure that it will be a complete 'no touch' on WebGoat and its environment, ModSecurity will be configured on Apache server as a remote proxy server. For those vulnerabilities that cannot be prevented (partially or not at all), I will document my efforts in attempting to protect them. Business logic vulnerabilities will be particularly challenging to solve.
Email Contacts Project Leader
Stephen Evans 		Project Contributors
(if applicable)
Name&Email 		Project Mailing List First Reviewer
Ivan Ristic &
Breach Group 		Second Reviewer
Name 		OWASP Board Member
X
PROJECT MAIN LINKS
  • (If appropriate, links to be added)
RELATED PROJECTS

OWASP WebGoat Project

SPONSORS & GUIDELINES
Sponsor - OWASP Summer of Code 2008 Sponsored Project/Guidelines/Roadmap
ASSESSMENT AND REVIEW PROCESS
Review/Reviewer Author's Self Evaluation
(applicable for Alpha Quality & further) 		First Reviewer
(applicable for Alpha Quality & further) 		Second Reviewer
(applicable for Beta Quality & further) 		OWASP Board Member
(applicable just for Release Quality)
50% Review Objectives & Deliveries reached?
Yes/No (To update)
---------
See&Edit:50% Review/Self-Evaluation (A) 		Objectives & Deliveries reached?
Yes/No (To update)
---------
See&Edit: 50% Review/1st Reviewer (C) 		Objectives & Deliveries reached?
Yes/No (To update)
---------
See&Edit: 50%Review/2nd Reviewer (E) 		X
Final Review Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Season of Code - (To update)
---------
See&Edit: Final Review/SelfEvaluation (B) 		Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Season of Code - (To update)
---------
See&Edit: Final Review/1st Reviewer (D) 		Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Season of Code - (To update)
---------
See&Edit: Final Review/2nd Reviewer (F) 		Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Season of Code - (To update)
---------
See/Edit: Final Review/Board Member (G)

Retrieved from "https://wiki.owasp.org/index.php?title=Project_Information:template_Securing_WebGoat_using_ModSecurity&oldid=31678"