This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Securing WebGoat using ModSecurity Project"
(added links to TOC headings) |
(→[http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Section_3_ModSecurity_WebGoat_at_50% ModSecurity protecting WebGoat at 50%]) |
||
Line 21: | Line 21: | ||
2.4 Overview of lesson results | 2.4 Overview of lesson results | ||
− | == [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Section_3_ModSecurity_WebGoat_at_50% ModSecurity protecting WebGoat at 50 | + | == [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Section_3_ModSecurity_WebGoat_at_50% ModSecurity protecting WebGoat at 50 percent] == |
3.1 Project Setup and Environment | 3.1 Project Setup and Environment |
Revision as of 03:05, 24 July 2008
Introduction
1.1 Background
1.2 Purpose
1.3 Talks and deliverables
1.4 Future development and long-term vision
1.5 Contributors
WebGoat
2.1 Overview
2.2 How it works
2.3 Lesson Table Of Contents
2.4 Overview of lesson results
ModSecurity protecting WebGoat at 50 percent
3.1 Project Setup and Environment
3.2 Doing the WebGoat lessons - tips and tricks
3.3 Project organization
3.3.1 ModSecurity rules
3.3.2 SecDirData directory
3.3.3 Error pages
3.3.4 Informational and debug messages
Mitigating the WebGoat lessons
4.1 Project metrics
4.2 Overall strategy
4.3 Using the Lua scripting language
4.4 Structure of mitigating a lesson
4.5 The mitigating solutions