diff --git a/README.MD b/README.MD index bdb8a3af1..6077b2bb0 100644 --- a/README.MD +++ b/README.MD @@ -38,7 +38,7 @@ Every release is also published on [DockerHub]((https://hub.docker.com/r/webgoat The easiest way to start WebGoat as a Docker container is to use the all-in-one docker container. This is a docker image that has WebGoat and WebWolf running inside. ```shell -docker run -p 8080:8080 -p 9090:9090 -e TZ=Europe/Amsterdam webgoat/goatandwolf +docker run -p 127.0.0.1:8080:8080 -p 127.0.0.1:9090:9090 -e TZ=Europe/Amsterdam webgoat/goatandwolf ``` WebGoat will be located at: http://127.0.0.1:8080/WebGoat @@ -46,32 +46,6 @@ WebWolf will be located at: http://127.0.0.1:9090/WebWolf **Important**: Choose the correct timezone, so that the docker container and your host are in the same timezone. As it important for the validity of JWT tokens used in certain exercises. -### Using docker stack deploy - -Another way to deply WebGoat and WebWolf in a more advanced way is to use a compose-file in a docker stack deploy. -You can define which containers should run in which combinations and define all of this in a yaml file. -An example of such a file is: [goat-with-reverseproxy.yaml](goat-with-reverseproxy.yaml) - -This sets up an nginx webserver as reverse proxy to WebGoat and WebWolf. You can change the timezone by adjusting the value in the yaml file. - -```shell -docker stack init -docker stack deploy --compose-file goat-with-reverseproxy.yaml webgoatdemo -``` - -Add the following entries in your local hosts file: - -```shell -127.0.0.1 www.webgoat.local www.webwolf.localhost -``` - -You can use the overall start page: http://www.webgoat.local or: - -WebGoat will be located at: http://www.webgoat.local/WebGoat - -WebWolf will be located at: http://www.webwolf.local/WebWolf - -**Important**: the current directory on your host will be mapped into the container for keeping state. ## 2. Standalone @@ -82,7 +56,7 @@ java -jar webgoat-server-8.1.0.jar [--server.port=8080] [--server.address=localh java -jar webwolf-8.1.0.jar [--server.port=9090] [--server.address=localhost] ``` -The latest version of WebGoat needs Java 15 or above. By default WebGoat and WebWolf start on port 8080,9000 and 9090 with the environment variable WEBGOAT_PORT, WEBWOLF_PORT and WEBGOAT_HSQLPORT you can set different values. +The latest version of WebGoat needs Java 15 or above. By default, WebGoat uses port 8080, the database uses 9000 and WebWolf use port 9090 with the environment variable WEBGOAT_PORT, WEBWOLF_PORT and WEBGOAT_HSQLPORT you can set different values. ```Shell export WEBGOAT_PORT=18080 export WEBGOAT_HSQLPORT=19001 @@ -90,7 +64,8 @@ export WEBWOLF_PORT=19090 java -jar webgoat-server-8.1.0.jar java -jar webwolf-8.1.0.jar ``` -Use set in stead of export on Windows cmd. + +Use `set` instead of export on Windows cmd. ## 3. Run from the sources @@ -134,13 +109,16 @@ server.address=x.x.x.x For specialist only. There is a way to set up WebGoat with a personalized menu. You can leave out some menu categories or individual lessons by setting environment variables. -For instance running as a jar on a Linux/MacOS it will look like: +For instance running as a jar on a Linux/macOS it will look like: + ```Shell export EXCLUDE_CATEGORIES="CLIENT_SIDE,GENERAL,CHALLENGE" export EXCLUDE_LESSONS="SqlInjectionAdvanced,SqlInjectionMitigations" java -jar webgoat-server/target/webgoat-server-v8.2.0-SNAPSHOT.jar ``` + Or in a docker run it would (once this version is pushed into docker hub) look like: + ```Shell docker run -d -p 80:8888 -p 8080:8080 -p 9090:9090 -e TZ=Europe/Amsterdam -e EXCLUDE_CATEGORIES="CLIENT_SIDE,GENERAL,CHALLENGE" -e EXCLUDE_LESSONS="SqlInjectionAdvanced,SqlInjectionMitigations" webgoat/goatandwolf ```