Implementasi Web Application Firewall untuk Melindungi Aplikasi Web dari Serangan Malware

Authors

  • Muhamad Fahrizal Rizqi Telkom University
  • Rohmat Tulloh Telkom University
  • Nazel Djibran PT Datacomm Diangraha

DOI:

https://doi.org/10.32493/informatika.v8i2.33691

Keywords:

Internet, Web Application firewall, Malware, VMware, Traffic

Abstract

At this time Internet services have become a necessity no longer to provide information services, but have become important so there are many cases of websites being hacked by attackers, for that network security is very important to avoid theft of important data Security in a web application is a important aspect to have. Securing a web application can be done by installing a firewall that is connected directly to the server network. Security for a web application usually uses a web application firewall installed on a web server. To overcome a security problem in Web Applications and minimize losses caused by SQL Injection and XSS attacks, we need a way to overcome these attacks. Several security measures have been used, such as the use of fortiweb to set the traffic destination for a web application. In this study, we will use a Web Application Firewall (WAF) device. Because it can protect Web applications from existing malware attacks and zero day malware. This final project will implement a Web Application Firewall (WAF). By way of device configuration and will use DVWA for malware testing. The technology that will be used to monitor malware logs will use VMware. From the results of testing a web application firewall, it is hoped that it can implement and prevent various malware attacks that attack web applications and can monitor the logs of an attacking malware.

References

Aryapranata, A. (2020). Web Application Firewall pada Situs Web Institut Bisnis Nusantara www.ibn.ac.id. Jurnal Esensi Infokom : Jurnal Esensi Sistem Informasi Dan Sistem Komputer, 4(1), 55–59. https://doi.org/10.55886/infokom.v4i1.321

Bangkit Wiguna, Adi Prabowo, W., & Ananda, R. (2020). Implementasi Web Application Firewall Dalam Mencegah Serangan SQL Injection Pada Website. Digital Zone: Jurnal Teknologi Informasi Dan Komunikasi, 11(2), 245–256. https://doi.org/10.31849/digitalzone.v11i2.4867

Dody Firmansyah, M. (2021). Analisa Keamanan Web Server terhadap Serangan Distributed Denial of Service menggunakan Modevasive. TELCOMATICS, 6(1), 2541–5867. https://doi.org/10.37253/telcomatics.v6i1.4990

Muharromin, M. (2023). Analisis Performance Web Application Firewall ModSecuritydan Shadow Daemon Dalam Keamanan Web Server Apache. 393, 393–402.

Munawar, Z., Kom, M., & Putri, N. I. (2020). Keamanan Jaringan Komputer Pada Era Big Data. Jurnal Sistem Informasi-J-SIKA, 02, 14–20.

Perdana Putranto, D., Hananto, B., Ilmu Komputer, F., Pembangunan Nasional Veteran Jakarta, U., Fatmawati Raya, J. R., & Labu, P. (2022). Analisis Keamanan Website Leads UPNVJ Terhadap Serangan SQL Injection & Sniffing Attack. JURNAL INFORMATIK, 18.

Riska, R., & Alamsyah, H. (2021). Penerapan Sistem Keamanan Web Menggunakan Metode Web Aplication Firewall. Jurnal Amplifier : Jurnal Ilmiah Bidang Teknik Elektro Dan Komputer, 11(1), 37–42. https://doi.org/10.33369/jamplifier.v11i1.16683

Robinson, Akbar, M., & Ridha, M. A. F. (2018). SQL injection and cross site scripting prevention using OWASP web application firewall. International Journal on Informatics Visualization, 2(4), 286–292. https://doi.org/10.30630/joiv.2.4.107

Sahren, S. (2021). Implementasi Teknologi Firewall Sebagai Keamanan Server Dari Syn Flood Attack. JURTEKSI (Jurnal Teknologi Dan Sistem Informasi), 7(2), 159–164. https://doi.org/10.33330/jurteksi.v7i2.933

Jurnal Informatika Universitas Pamulang Vol. 8 No. 2 Juni 2023

Downloads

Published

2023-06-30

Issue

Vol. 8 No. 2 (2023): JURNAL INFORMATIKA UNIVERSITAS PAMULANG

Section

Article

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

Jurnal Informatika Universitas Pamulang have CC-BY-NC or an equivalent license as the optimal license for the publication, distribution, use, and reuse of scholarly work.

In developing strategy and setting priorities, Jurnal Informatika Universitas Pamulang recognize that free access is better than priced access, libre access is better than free access, and libre under CC-BY-NC or the equivalent is better than libre under more restrictive open licenses. We should achieve what we can when we can. We should not delay achieving free in order to achieve libre, and we should not stop with free when we can achieve libre.

Jurnal Informatika Universitas Pamulang is licensed under a Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)

YOU ARE FREE TO:

  • Adapt : remix, transform, and build upon the material for any purpose, even commercially.
  • The licensor cannot revoke these freedoms as long as you follow the license terms