Web application firewall / Mohd Ikram Rahimi

Rahimi, Mohd Ikram (2006) Web application firewall / Mohd Ikram Rahimi. [Student Project] (Unpublished)

Download

Full text not available from this repository.

Abstract

The Web Application can easily be attacked by the hackers eventhough with the
existence of the normal firewall in the system. This is due to the limitation that the
normal firewall does not work in the application layer. The hackers will attack the Web
Application using the methods like Structured Query Language (SQL) Injection, Cross
Site Scripting (XSS), Command Injection, or Session Manipulation as the normal firewall
only open port 80 for Internet connection. Most of the Web Application Firewall is quite
costly. There are only few that can be operated under free license. The usage of
ModSecurity can solve the problem as it can be downloaded under GNU license. This
thesis is attempted to show the benefits of implementing ModSecurity and also the
reverse proxy server, instead of just implementing the conventional web server. The
penetration test is done to evaluate the performance of the server using this Web
Application Firewall. The results showed that ModSecurity and the Reverse Proxy
methods can improve the level of security for the web server by forbidding any intrusion
to take place through the Web Application. The impacts of the attacks had caused severe
damage to the server. The attacks also had congested the physical memory, CPU usage,
and CPU clock with or without ModSecurity.

Metadata

Item Type: Student Project
Creators:
Creators
Email
Rahimi, Mohd Ikram
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Instruments and machines > Electronic Computers. Computer Science
Q Science > QA Mathematics > Web databases
Divisions: Universiti Teknologi MARA, Shah Alam > Faculty of Computer and Mathematical Sciences
Item ID: 677
Uncontrolled Keywords: Web application, firewall, SQL, CPU, server, security
URI: https://ir.uitm.edu.my/id/eprint/677

Fulltext

Fulltext is available at:
  • UNSPECIFIED
  • ID Number

    677

    Indexing


    View in Google Scholar

    Edit Item
    Edit Item