Web application firewall / Mohd Ikram Rahimi
The Web Application can easily be attacked by the hackers eventhough with the existence of the normal firewall in the system. This is due to the limitation that the normal firewall does not work in the application layer. The hackers will attack the Web Application using the methods like Structured Q...
Saved in:
| Main Author: | |
|---|---|
| Format: | Student Project |
| Language: | en |
| Published: |
Faculty of Information Technology and Quantitative Sciences
2006
|
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/677/1/677.pdf https://ir.uitm.edu.my/id/eprint/677/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1833057931153637376 |
|---|---|
| author | Rahimi, Mohd Ikram |
| author_facet | Rahimi, Mohd Ikram |
| author_sort | Rahimi, Mohd Ikram |
| building | Tun Abdul Razak Library |
| collection | Institutional Repository |
| content_provider | Universiti Teknologi Mara |
| content_source | UiTM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | The Web Application can easily be attacked by the hackers eventhough with the existence of the normal firewall in the system. This is due to the limitation that the normal firewall does not work in the application layer. The hackers will attack the Web Application using the methods like Structured Query Language (SQL) Injection, Cross Site Scripting (XSS), Command Injection, or Session Manipulation as the normal firewall only open port 80 for Internet connection. Most of the Web Application Firewall is quite costly. There are only few that can be operated under free license. The usage of ModSecurity can solve the problem as it can be downloaded under GNU license. This thesis is attempted to show the benefits of implementing ModSecurity and also the reverse proxy server, instead of just implementing the conventional web server. The penetration test is done to evaluate the performance of the server using this Web Application Firewall. The results showed that ModSecurity and the Reverse Proxy methods can improve the level of security for the web server by forbidding any intrusion to take place through the Web Application. The impacts of the attacks had caused severe damage to the server. The attacks also had congested the physical memory, CPU usage, and CPU clock with or without ModSecurity. |
| format | Student Project |
| id | my.uitm.ir-677 |
| institution | Universiti Teknologi Mara |
| language | en |
| publishDate | 2006 |
| publisher | Faculty of Information Technology and Quantitative Sciences |
| record_format | eprints |
| spelling | my.uitm.ir-6772025-03-17T03:05:13Z https://ir.uitm.edu.my/id/eprint/677/ Web application firewall / Mohd Ikram Rahimi Rahimi, Mohd Ikram Electronic Computers. Computer Science Web databases The Web Application can easily be attacked by the hackers eventhough with the existence of the normal firewall in the system. This is due to the limitation that the normal firewall does not work in the application layer. The hackers will attack the Web Application using the methods like Structured Query Language (SQL) Injection, Cross Site Scripting (XSS), Command Injection, or Session Manipulation as the normal firewall only open port 80 for Internet connection. Most of the Web Application Firewall is quite costly. There are only few that can be operated under free license. The usage of ModSecurity can solve the problem as it can be downloaded under GNU license. This thesis is attempted to show the benefits of implementing ModSecurity and also the reverse proxy server, instead of just implementing the conventional web server. The penetration test is done to evaluate the performance of the server using this Web Application Firewall. The results showed that ModSecurity and the Reverse Proxy methods can improve the level of security for the web server by forbidding any intrusion to take place through the Web Application. The impacts of the attacks had caused severe damage to the server. The attacks also had congested the physical memory, CPU usage, and CPU clock with or without ModSecurity. Faculty of Information Technology and Quantitative Sciences 2006 Student Project NonPeerReviewed text en https://ir.uitm.edu.my/id/eprint/677/1/677.pdf Web application firewall / Mohd Ikram Rahimi. (2006) [Student Project] <http://terminalib.uitm.edu.my/677.pdf> (Unpublished) |
| spellingShingle | Electronic Computers. Computer Science Web databases Rahimi, Mohd Ikram Web application firewall / Mohd Ikram Rahimi |
| title | Web application firewall / Mohd Ikram Rahimi |
| title_full | Web application firewall / Mohd Ikram Rahimi |
| title_fullStr | Web application firewall / Mohd Ikram Rahimi |
| title_full_unstemmed | Web application firewall / Mohd Ikram Rahimi |
| title_short | Web application firewall / Mohd Ikram Rahimi |
| title_sort | web application firewall / mohd ikram rahimi |
| topic | Electronic Computers. Computer Science Web databases |
| url | https://ir.uitm.edu.my/id/eprint/677/1/677.pdf https://ir.uitm.edu.my/id/eprint/677/ |
| url_provider | http://ir.uitm.edu.my/ |