This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Securing WebGoat using ModSecurity Project"
(add Appendix C) |
|||
| Line 63: | Line 63: | ||
=== [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Appendix_B_Project_Solution_Files Appendix B: Project solution files] === | === [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Appendix_B_Project_Solution_Files Appendix B: Project solution files] === | ||
| − | === [http://www.owasp.org/index.php/ | + | === [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Appendix_C_Building_Lua Appendix C: Building the Lua library and standalone executable] === |
Revision as of 07:51, 24 October 2008
Introduction
1.1 Background
1.2 Purpose
1.3 Tasks and deliverables
1.4 Future development and long-term vision
1.5 Contributors
WebGoat
2.1 Overview
2.2 How it works
2.3 Lesson Table Of Contents
2.4 Overview of lesson results
ModSecurity protecting WebGoat
3.1 Project Setup and Environment
3.2 Doing the WebGoat lessons - tips and tricks
3.3 Testing ModSecurity rules - tips and tricks
3.4 Project organization
3.4.1 ModSecurity rules
3.4.2 SecDirData directory
3.4.3 Error pages
3.4.4 Informational and debug messages
Mitigating the WebGoat lessons
4.1 Project metrics at 50% completion
4.2 Project metrics at 100% completion
4.3 Sublessons that do not count or were not solved (and why)
4.4 Overall strategy
4.5 Reviewer comments
4.6 Using the Lua scripting language
4.7 Using Javascript 'prepend' and 'append'
4.8 Structure of mitigating a lesson
4.9 The mitigating solutions
