Kinerja Modsecurity Technical Report (Studi Kasus: Pencegahan terhadap Serangan SQL Injection)
DOI:
https://doi.org/10.34123/jurnalasks.v7i1.117Keywords:
Web Application Security, WAF, Modsecurity Performance, SQL InjectionAbstract
Several Measures are impelemented in web application security lifecycle such as Secure Development, Secure Deployment and Secure Operation. In secure operation section, a web application that has been through the stages of development and testing will soon enter production phase. At this stage it will be applied to Web Application Firewall (WAF) that meant to protect application from a malicious request.
The purpose of this research is to explore ModSecurity WAF implementation. WAF ModSecurity is a free, open source application that can be used to make the filter to requests which occur on a web application including a request containing SQL Injection commands. Another aim is to see whether the ModSecurity installation on a web server affect the performance of the web server.
From the test results concluded that ModSecurity can filter SQL injection and installation of ModSecurity does not significantly affect the performance of the web server.
Downloads
References
Anggorowati, M.A. (2013). Pengembangan Metode Estimasi SEM Non-Standar Pada Analisis Technology Acceptance Model [Disertasi]. Surabaya: Institut Teknologi Sepuluh November
Azwar, Saifuddin. (1997). Reliabilitas dan Validitas. Yogyakarta: Pustaka Pelajar.
Chuttur. M.Y. (2009). Overview Of The Technology Acceptance Model: Origins, Developments And Future Directions. Indiana University, USA. Sprouts:Working paper on information systems.
Cochran, G., William. (1991). Teknik Penarikan Sampel Jilid III. Jakarta: UI Press.
Davis, F. (1989), Perceived Usefulness, Perceived Ease Of Use And User Acceptance Of Information Technology. MIS Quartely, Vol.13 (3),hal. 319-339.
Davis, F. (1993). User Acceptance Of Information Technology: System Characteristics, User Perceptions. Int. J. Man Machine Studies, Vol.38 (3),hal. 475-87.
Diponegoro, Ahmad Muhammad. (2005). Validitas Konstruk Skala Afek. Humanitas: Indonesian Psychological Journal, 2 No.1 Januari 2005: 64-74.
Djaali, & Pudji. (2008). Pengukuran dalam Bidang Pendidikan. Jakarta: Grasindo.
Ghozali, Imam. (2008). Structural Equation Modeling Teori Konsep dan Aplikasi dengan Program Lisrel 8.80 + CD. Semarang: Universitas Diponegoro.
Hair, J.F. Jr., Anderson, R.E., Tatham, R.L., & Black, W.C. (1998). MultivariateData Analysis, (5th Edition). Upper Saddle River, NJ: Prentice Hall.
Hair, J.F. Jr.,Babin, B.J., Anderson, R.E., & Black, W.C. (2010). Multivariate Data Analysis, (7th Edition). Prentice Hall.
Jöreskog, K. G., & Sörbom, D. (1996). LISREL 8 user’s reference guide. Uppsala, Sweden: Scientific Software International.
Kang, Sungmin. (1998). Information Technology Acceptance : Evolving With The Changes In The Network Environment Center For Information
System Management Department Of Management Science And Information System Graduate School Of Business. The University of Texas at Austin. IEEE. 118
Maruyama, G., (1997). Basics Of Structural Equation Modeling. 1st Edn., Sage Publications, Thousand Oaks, ISBN-10: 0803974086, pp: 311.
Mike, Rosebush. (2011). Validition of the Character Mosaic Report. Technical Report.
Singarimbun, Masri & Sofyan Effendi. (1989). Metode Penelitian Survei, LP3ES.
Jakarta.
Sugiyono. (2008). Metode Penelitian Bisnis. Bandung: Alfabeta.
Takdir. (2011). SIPADU STIS versi Juli 2011. 12 Juli 2014.
Venkatesh, V., & Davis, F.D., (2000). A Theoretical Extension Of The Technology Acceptance Model: Four Longitudinal Field Studies. Management Science. Vol. 46, No. 2, pp. 186-204.
Venkatesh, V. & H. Bala, (2008). Technology Acceptance Model 3 And A Research Agenda On Interventions. Decision Sci., 39: 273-315.
Venkatesh, V., & Michael G. Moris, (2000), Why on?t Men Ever Stop to Ask for Directions? Gender, Social Influence, and Their Role in Technology Acceptance and Usage Behavior,MIS Quarterly.
Wibisono, Dermawan. (2003). Riset Bisnis: Panduan bagi Praktisi dan Akademisi. Jakarta: Gramedia Pustaka Utama.
Wijanto, Setyo Hari. (2008). Structural Equation Modeling dengan Lisrel 8.8: Konsep dan Tutorial. Jakarta: Graha Ilmu.
