Difference between revisions of "OWASP Securing WebGoat using ModSecurity Project"
From OWASP
(→[http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Section_4_Mitigating_the_WebGoat_Lessons Mitigating the WebGoat lessons]) |
(→[http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Section_3_ModSecurity_WebGoat_at_50_percent ModSecurity protecting WebGoat]) |
||
| Line 21: | Line 21: | ||
2.4 Overview of lesson results | 2.4 Overview of lesson results | ||
| − | === [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Section_3_ModSecurity_WebGoat_at_50_percent ModSecurity protecting WebGoat] === | + | === [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Section_3_ModSecurity_WebGoat_at_50_percent ModSecurity protecting WebGoat|ModSecurity protecting WebGoat] === |
3.1 Project Setup and Environment | 3.1 Project Setup and Environment | ||
Revision as of 02:58, 20 October 2008
Contents
Introduction
1.1 Background
1.2 Purpose
1.3 Tasks and deliverables
1.4 Future development and long-term vision
1.5 Contributors
WebGoat
2.1 Overview
2.2 How it works
2.3 Lesson Table Of Contents
2.4 Overview of lesson results
ModSecurity protecting WebGoat|ModSecurity protecting WebGoat
3.1 Project Setup and Environment
3.2 Doing the WebGoat lessons - tips and tricks
3.3 Project organization
3.3.1 ModSecurity rules
3.3.2 SecDirData directory
3.3.3 Error pages
3.3.4 Informational and debug messages
Mitigating the WebGoat lessons
4.1 Project metrics at 50% completion
4.2 Project metrics at 100% completion
4.3 Sublessons that do not count or were not solved (and why)
4.4 Overall strategy
4.5 Using the Lua scripting language
4.6 Structure of mitigating a lesson
4.7 The mitigating solutions
