Uji Keamanan Website Terhadap Serangan Path Traversal (Studi Kasus Website Pendataan Warga)
Abstract
Website security is very important because website is targeted hacker to exploit actions that can harm the website itself. One of them is a Path Traversal attack that allows an attacker to access file, directory and commands that are potentially outside the root directory of web document. To find out how a website was broken or in other words hack with Path Traversal technique, then make an analysis of the Path Traversal attack. The purpose of this research is to study Path Traversal attack, find out how to anallyze website security and find solutions to overcome wibsite security problem against Path Traversal attack. In this research conducted using the OWASP ZAP scaning application program to clearly see the vulnerability on a website. Based on the analysis of Path Traversal attack on the citizens collection website, it can be seen that when access to the directory is not protected it will be a gap for the attacker can access or retrieve important files in the app. To minimize Path Traversal attack add an .htaccess file or index.php of all folder.
Keywords
Full Text:
PDFReferences
Academia. 2019. Keamanan Jaringan. Diperoleh dari http://academia.edu. (diakses 20 juni).
Auger, Robert. 2010. Path Traversal. Diperoleh dari http://projects.webappsec.org. (diakses 4 mei).
Hartono, Hamzah. 2014. Pengertian Website dan Fungsinya. Ilmu Teknologi Informasi.
Kurniawan, Iwan, dkk. 2016. Sistem Pencegahan Serangan Bruteforce Pada Ubuntu Server Dengan Menggunakan Fail2ban. Jurnal Infomatek. 18: 96.
Muryandi, AMP. 2018. Aplikasi Pengujian Celah Keamanan Pada Aplikasi Berbasis Web. Skripsi. Tidak diterbitkan. Teknik Informatika Universitas Islam Indonesia.
OWASP ZAP. 2016. Diperoleh dari https://www.owasp.org. (diakses 20 Juni).
Smartsoft. 2014. Pengertian Atau Definisi Web Application ( Aplikasi Web). Diperoleh dari http://smartsoftstudio.com. (diakses 15 Februari).
Universitas Ciputra. 2016. Metode Pengumpulan Data. Diperoleh dari http://ciputrauceo.net. (diakses 21 Juni).
Universitas Pasundan. 2012. Keamanan Web. Diperoleh dari http://www.unpas.ac.id. (diakses 20 Juni).
Zabar, AA dan Novianto, F. 2015. Keamanan HTTP dan HTTPS Berbasis Web Menggunakan Sistem Informasi Kali Linux.Vol. 4 N. 2. Hal 69-70.
Refbacks
- There are currently no refbacks.
Copyright (c) 2019 Neng Ita Sopia Fazriani, Banta Cut, Sanusi Sanusi
Kandidat : Jurnal Riset dan Inovasi Pendidikan
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
© Kandidat : Jurnal Riset dan Inovasi Pendidikan
Published by Center for Research and Community Service (LPPM) University of Abulyatama, Aceh, Indonesia. 2019