This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Securing WebGoat using ModSecurity Project"
From OWASP
m (Table of Contents - first version) |
(→ModSecurity protecting WebGoat at 50%) |
||
Line 1: | Line 1: | ||
− | |||
==Introduction== | ==Introduction== | ||
Line 25: | Line 24: | ||
3.3 Project organization | 3.3 Project organization | ||
+ | |||
3.3.1 ModSecurity rules | 3.3.1 ModSecurity rules | ||
+ | |||
3.3.2 SecDirData directory | 3.3.2 SecDirData directory | ||
+ | |||
3.3.3 Error pages | 3.3.3 Error pages | ||
+ | |||
3.3.4 Informational and debug messages | 3.3.4 Informational and debug messages | ||
Revision as of 12:54, 14 July 2008
Introduction
1.1 Overview
1.2 Milestones
1.3 Contributors
WebGoat
2.1 Overview
2.2 How it works
2.3 Lesson Table Of Contents
2.4 Overview of lesson results
ModSecurity protecting WebGoat at 50%
3.1 Project Setup and Environment
3.2 Doing the WebGoat lessons - tips and tricks
3.3 Project organization
3.3.1 ModSecurity rules
3.3.2 SecDirData directory
3.3.3 Error pages
3.3.4 Informational and debug messages
Mitigating the WebGoat lessons
4.1 Project metrics
4.2 Overall strategy
4.3 Structure of mitigating a lesson
4.4 The mitigating solutions