[Owasp-leaders] Archiving conference websites at OWASP

Colin Watson colin.watson at owasp.org
Sun Feb 3 10:28:11 UTC 2013

Matt and Sarah

This is very important. It pains me that so much of the 2011 and 2012
conference materials appear to have disappeared through the use of
other websites that are then overwritten by the next conference.

Thank you for your efforts here.


On 2 February 2013 19:11, Matt Tesauro <matt.tesauro at owasp.org> wrote:
> Sarah Baso sent me the following list of previous OWASP conferences and the
> locations of their pages on the OWASP wiki:
> 2010.appsecusa.org --> https://owasp.org/index.php/AppSec_US_2010,_CA
> 2009.appsecusa.org --> https://owasp.org/index.php/OWASP_AppSec_DC_2009
> 2008.appsecusa.org -->
> https://owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference
> 2007.appsecusa.org -->
> https://owasp.org/index.php/OWASP_%26_WASC_AppSec_2007_Conference
> 2006.appsecusa.org --> https://owasp.org/index.php/OWASP_AppSec_Seattle_2006
> 2005.appsecusa.org -->
> https://owasp.org/index.php/OWASP_AppSec_Washington_2005
> 2004.appsecusa.org --> https://owasp.org/index.php/OWASP_AppSec_NYC_2004
> All those have been setup with the process documented so that the future
> 20[1-9][0-9] global conferences can be archived in the same fashion and is
> the start of consistently archiving past conference material.
> Yes, these were the USA conferences, but the same will be done for AppSec
> [EU | LATAM | APAC] sites as well assuming the conferences had OWASP wiki
> sites and/or have kept some sort of a backup of the conference site/access
> to the content.
> However, for those leaders here who will be running the 2013++ global AppSec
> conferences, please take archiving the site into consideration during your
> planning.  If you are going to use a dynamic site, try to ensure we can
> archive it by mirroring the resulting content (e.g. wget -m [URL here]).
> There are no current plans to keep dynamic sites on the archive since these
> sites have no need to change and the attack surface of POHS (Plain Old HTML
> Sites) is way smaller.
> The idea to to point the general hostname at the server for that year so:
> Before a conference:
>      appsecusa.org will point to 2013.appsecusa.org where ever that server
> is located.
> After a conference and when the next one is gearing up:
>     appsecusa.org will point to 2014.appsecusa.org where ever that server is
> located
>          and
>      2013.appsecusa.org will point to OWASP's archive server with a static
> copy of the conference site.
> This will have the added benefit of not breaking links for the current
> year's conference when it is no longer current.  It also gives conference
> planners freedom to do what works for their sites as long as its
> mirror-able.
> For the regional conferences which have had regular offerings, we should be
> able to archive those conference sites as well - such as Ireland, BeNeLux,
> SnoFroc, etc.  The exact process hasn't been worked out yet.
> Anyway, that's they way things currently planned.  Feel free to provide
> feedback, suggestions, etc.
> Cheers!
> --
> -- Matt Tesauro
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org - Community and Download site
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

More information about the OWASP-Leaders mailing list