If you're already familiar with Linux, and a few scripting languages (you don't have know them though), and you're prepared to an online course mostly on your own, then I'd recommend PWB + OSCP at Offensive Security.

CEH won't teach you anything near real PenTesting (The prep material I've gone through for fun, has mostly just taught me the theoretical knowledge behind parts of pentesting, but it's nowhere near the practical part such as using Metasploit against a target system, performing scans with nmap, and so forth). eLearnSecurity is nice, especially for complete new beginners. (No matter which course you take currently. It especially has a large section about Web Application Security, from what I've heard.)

But generally, you will get the most out of your money from the PWB (Pentesting with BackTrack) at Offensive Security. Not just because of their labs which are ranging from easy to challenging, but also because of the courseware material (videos and PDF), along with other students you can ask on their IRC channel. (irc.freenode.org #offsec )

That's pretty much my recommendation.


Keep in mind PWB + OSCP won't be easy at all, and it is expected as I probably already said, that you are prepared to be studying and researching on your own. There's no one that will guide you through every step of the process, especially in the lab. There is of course the very nice videos and PDF which should be enough for starters. Make sure you get enough lab time and that you don't waste it on just going through the PDF and videos.

As a beginner if I was total new to this field never done anything I would do
CEH
Elearning
offensive-security

AS I think CEH will teach you the basic stuff.
Elearning will build on what you learned in CEH

Then offensive security