[Owasp-leaders] Archiving conference websites at OWASP

Matt Tesauro matt.tesauro at owasp.org
Sat Feb 2 19:11:46 UTC 2013

Sarah Baso sent me the following list of previous OWASP conferences and the
locations of their pages on the OWASP wiki:

2010.appsecusa.org --> https://owasp.org/index.php/AppSec_US_2010,_CA
2009.appsecusa.org --> https://owasp.org/index.php/OWASP_AppSec_DC_2009
2008.appsecusa.org -->
2007.appsecusa.org -->
2006.appsecusa.org --> https://owasp.org/index.php/OWASP_AppSec_Seattle_2006
2005.appsecusa.org -->
2004.appsecusa.org --> https://owasp.org/index.php/OWASP_AppSec_NYC_2004

All those have been setup with the process documented so that the future
20[1-9][0-9] global conferences can be archived in the same fashion and is
the start of consistently archiving past conference material.

Yes, these were the USA conferences, but the same will be done for AppSec
[EU | LATAM | APAC] sites as well assuming the conferences had OWASP wiki
sites and/or have kept some sort of a backup of the conference site/access
to the content.

However, for those leaders here who will be running the 2013++ global
AppSec conferences, please take archiving the site into consideration
during your planning.  If you are going to use a dynamic site, try to
ensure we can archive it by mirroring the resulting content (e.g. wget -m
[URL here]).  There are no current plans to keep dynamic sites on the
archive since these sites have no need to change and the attack surface of
POHS (Plain Old HTML Sites) is way smaller.

The idea to to point the general hostname at the server for that year so:
Before a conference:
     appsecusa.org will point to 2013.appsecusa.org where ever that server
is located.
After a conference and when the next one is gearing up:
    appsecusa.org will point to 2014.appsecusa.org where ever that server
is located
     2013.appsecusa.org will point to OWASP's archive server with a static
copy of the conference site.

This will have the added benefit of not breaking links for the current
year's conference when it is no longer current.  It also gives conference
planners freedom to do what works for their sites as long as its

For the regional conferences which have had regular offerings, we should be
able to archive those conference sites as well - such as Ireland, BeNeLux,
SnoFroc, etc.  The exact process hasn't been worked out yet.

Anyway, that's they way things currently planned.  Feel free to provide
feedback, suggestions, etc.


-- Matt Tesauro
OWASP WTE Project Lead
http://AppSecLive.org - Community and Download site
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/5aad9f23/attachment.html>

More information about the OWASP-Leaders mailing list