Peningkatan Keamanan Aplikasi Web Menggunakan Web Application Firewall (WAF) Pada Sistem Informasi Manajemen Kampus Terintegrasi

Randi Rizal, Yusuf Sumaryana

Abstract

Increasing the security of web applications on the integrated campus management information system needs to be done because the application is accessed by public networks so that there are many attacks and attempts to prevent threats from attackers. This study applies a Web Application Firewall (WAF)-based application security using ModeSecurity and Core Rules Set from Owasp which aims to improve the security system of the web application by using a firewall. This study uses an experimental method by implementing a Web Application Firewall (WAF) as a web-based protection system, then the process of analysis and testing to obtain accurate advice on firewall implementation. The results of this study indicate that the firewall used with Web Application Firewall (WAF)-based ModeSecurity has succeeded in stopping attacks from attackers using Cross Site Scripting (XSS) and SQL Injection methods.

Full Text:

PDF

References

D. Setiawan, “Dampak Perkembangan Teknologi Informasi dan Komunikasi Terhadap Budaya Impact of Information Technology Development and Communication on,” Jurnal Pendidikan, vol. X, no. 2, pp. 195–211, 2017.

Q. I. Sarhan and I. S. Gawdan, “Web Applications and Web Services: A Comparative Study,” Science Journal of University of Zakho, vol. 6, no. 1, p. 35, 2018, doi: 10.25271/2018.6.1.375.

S. Peroni et al., “Research Articles in Simplified HTML: A Web-first format for HTML-based scholarly articles,” PeerJ Computer Science, vol. 2017, no. 10, pp. 1–35, 2017, doi: 10.7717/peerj-cs.132.

“ID-SIRTII, 2018, ‘Laporan Tahunan Januari-Desember’.,” https://drive.google.com/file/d/1Q4gf6l9YZ9SuJrNc7eq_41cEYQ wk4c7Z/view., [Online]. Available: https://drive.google.com/file/d/1Q4gf6l9YZ9SuJrNc7eq_41cEYQ wk4c7Z/view.

S. Rheno Widianto and I. Abdullah Azzam, “Analisis Upaya Peretasan Web Application Firewall dan Notifikasi Serangan Menggunakan Bot Telegram pada Layanan Web Server,” Elektra, vol. 3, no. 2, pp. 19–28, 2018.

I. Abdullah Azzam, “Implementasi Keamanan Website Dengan Web Application Firewall Menggunakan ModSecurity Pada PT. Swadharma Duta Data,” Jurnal Hasil Riset, pp. 1–9, 2017.

Syaeffudin and R. Nurachmad, “Implementasi Web Application Firewall pada Web Mytra Dashboard dengan Menggunakan Modul ModSecurity,” Jurnal Zenodo, vol. 01, no. 03, pp. 20–29, 2018.

A. Endraca, “Web Application Fi rewall (W AF),” International Journal of e-Education, e-Business, e-Management and e-Learning, vol. 3, no. 6, pp. 451–455, 2013, doi: 10.7763/ijeeee.2013.v3.277.

S. Manaseer and A. K. al Hwaitat, “Centralized Web Application Firewall Security System,” Modern Applied Science, vol. 12, no. 10, p. 164, 2018, doi: 10.5539/mas.v12n10p164.

M. Yusup, Maisyaroh, and L. Septiana, “Securing Web application by embedded firewall,” Elektronika ir Elektrotechnika, vol. 8, no. 3, pp. 49–58, 2020, doi: 10.5755/j01.eee.119.3.1366.

X. Li and Y. Xue, “A Survey on Web Application Security.”

I. M. Suartana, H. Endah Wahanani, and A. Noor Sandy, “Sistem Pengaman Web Server Dengan Application Firewall (WAF),” Scan, vol. X, no. 1, pp. 3–8, 2015.

B. Ghozali, K. Kusrini, and S. Sudarmawan, “Mendeteksi Kerentanan Keamanan Aplikasi Website Menggunakan Metode Owasp (Open Web Application Security Project) Untuk Penilaian Risk Rating,” Creative Information Technology Journal, vol. 4, no. 4, p. 264, Jan. 2019, doi: 10.24076/citec.2017v4i4.119.

Anggrahito, R. Ibrahim, A. Fajri, and E. Murniyanti, “Implementasi Web Application Firewall Menggunakan ReverseProxy dan ModSecurity Sebagai Alternatif Pengamanan Aplikasi Web Pada Sektor Pemerintah,” pp. 24–25, 2019.

Refbacks

  • There are currently no refbacks.