OWASP Securing WebGoat using ModSecurity Project

Introduction
1.1 Overview

1.2 Milestones

1.3 Contributors

WebGoat
2.1 Overview

2.2 How it works

2.3 Lesson Table Of Contents

2.4 Overview of lesson results

ModSecurity protecting WebGoat at 50%
3.1 Project Setup and Environment

3.2 Doing the WebGoat lessons - tips and tricks

3.3 Project organization 3.3.1 ModSecurity rules 3.3.2 SecDirData directory 3.3.3 Error pages 3.3.4 Informational and debug messages

Mitigating the WebGoat lessons
4.1 Project metrics

4.2 Overall strategy

4.3 Structure of mitigating a lesson

4.4 The mitigating solutions