Open AccessPeningkatan Keamanan Aplikasi Web Menggunakan Web Application Firewall (WAF) Pada Sistem Informasi Manajemen Kampus Terintegrasi
Author(s) -
Randi Rizal,
Yusuf Sumaryana
Publication year - 2021
Publication title -
jurnal ict : information communication and technology/jurnal ict (information communication and technology)
Language(s) - English
Resource type - Journals
eISSN - 2303-3363
pISSN - 2302-0261
DOI - 10.36054/jict-ikmi.v20i2.416
Subject(s) - application firewall , firewall (physics) , cross site scripting , computer science , dmz , sql injection , computer security , internet security , web application security , stateful firewall , context based access control , world wide web , network security , web service , web development , information security , business , security service , search engine , network packet , query by example , charged black hole , web search query , accretion (finance) , schwarzschild radius , finance
Increasing the security of web applications on the integrated campus management information system needs to be done because the application is accessed by public networks so that there are many attacks and attempts to prevent threats from attackers. This study applies a Web Application Firewall (WAF)-based application security using ModeSecurity and Core Rules Set from Owasp which aims to improve the security system of the web application by using a firewall. This study uses an experimental method by implementing a Web Application Firewall (WAF) as a web-based protection system, then the process of analysis and testing to obtain accurate advice on firewall implementation. The results of this study indicate that the firewall used with Web Application Firewall (WAF)-based ModeSecurity has succeeded in stopping attacks from attackers using Cross Site Scripting (XSS) and SQL Injection methods.