Implementasi dan Analisis Sistem Keamanan Web pada planetelektronikindonesia.com Menggunakan Teknologi SSL/TLS dan WAF

  • Ahmad Gunawan H. Universitas Linggabuana PGRI Sukabumi
  • Yepi Sopian STIE Pasim Sukabumi
  • Riyanto STIE Pasim Sukabumi
  • Erwan Herdianto Universitas Swadaya Gunung Jati
  • Dewa Saepurrahman Universitas Linggabuana PGRI Sukabumi
PDF
DOI https://doi.org/10.31544/jtera.v11.i1.2026.139-148
Published 2026-06-26
Full Text Preview
Download PDF

Abstract

The use of websites as platforms for delivering digital information increases exposure to web-based cyber threats, particularly when security mechanisms are not properly implemented. This study focuses on the implementation and evaluation of Secure Socket Layer/Transport Layer Security (SSL/TLS) and a Web Application Firewall (WAF) to enhance the security of the planetelektronikindonesia.com website. The research methodology includes deploying SSL/TLS to secure data transmission and configuring a WAF to protect the application layer, followed by security testing using Qualys SSL Labs, OWASP ZAP, Burp Suite Community Edition, and an analysis of WAF attack logs over an observation period of approximately 14 days. The evaluation results show that the SSL/TLS implementation achieved an A rating in Qualys SSL Labs with support for TLS 1.2 and TLS 1.3, while no common vulnerabilities were detected. Vulnerability assessment using OWASP ZAP reported no high-risk findings, and manual testing confirmed that attacks such as SQL injection, cross-site scripting (XSS), and brute force were successfully prevented. In addition, WAF log analysis indicates a reduction in detected attacks from 140 to 28, corresponding to a decrease of approximately ±80%. These results indicate that the combined application of SSL/TLS and WAF effectively improves website security, safeguards user data, and significantly reduces the risk of web application exploitation without adversely affecting system performance.

Keywords

Keamanan Web SSL/TLS WAF HTTPS OWASP Top 10.

References

[1] M. Bishop, Computer Security: Art and Science, 2nd ed. Boston, MA, USA: Addison-Wesley, 2018.
[2] Open Web Application Security Project (OWASP), “OWASP Top 10:2021 – The Ten Most Critical Web Application Security Risks,” OWASP Foundation, 2021.
[3] E. Rescorla, SSL and TLS: Designing and Building Secure Systems. Boston, MA, USA: Addison-Wesley, 2001.
[4] Cloudflare, “Web Application Firewall (WAF) Security Overview,” Cloudflare, 2023.
[5] S. R. G. Christou, Network and Web Application Security. Boca Raton, FL, USA: CRC Press, 2020.
[6] N. Provos and T. Holz, Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Boston, MA, USA: Addison-Wesley, 2007.
[7] J. Erickson, Hacking: The Art of Exploitation, 2nd ed. San Francisco, CA, USA: No Starch Press, 2008.
[8] National Institute of Standards and Technology (NIST), “Guide to SSL/TLS Deployment Best Practices,” NIST Special Publication SP-800, 2022.
[9] A. S. Tanenbaum and D. J. Wetherall, Computer Networks, 5th ed. Upper Saddle River, NJ, USA: Prentice Hall, 2011.
[10] Kaspersky Lab, “Web Threats and Application Vulnerabilities: Annual Security Report 2023,” Kaspersky Research Center, 2023.
[11] Google Developers, “HTTPS as a Ranking Signal,” Google Search Central Documentation, 2022.
[12] M. Howard and D. LeBlanc, Writing Secure Code, 2nd ed. Redmond, WA, USA: Microsoft Press, 2003.
[13] P. K. Manadhata and J. M. Wing, “An Attack Surface Metric,” IEEE Trans. Softw. Eng., vol. 37, no. 3, pp. 371–386, 2011.
[14] A. Somorovsky, “On the Insecurity of SSL/TLS,” in Proc. 10th USENIX Security Symp., 2016, pp. 1–14.
[15] J. Stewart, M. Chapple, and D. Gibson, CISSP (ISC)² Official Study Guide, 9th ed. Hoboken, NJ, USA: Wiley, 2021.
[16] A. Alqahtani and M. Alenezi, “Evaluating Web Application Firewall Effectiveness Against OWASP Top 10 Attacks,” IEEE Access, vol. 10, pp. 112345–112356, 2022.
[17] R. Singh, P. Kumar, and S. Verma, “Adoption of SSL/TLS Security in Small and Medium Enterprises Websites,” Int. J. Inf. Secur. Sci., vol. 12, no. 2, pp. 85–96, 2023.
[18] M. H. Rahman et al., “Performance Analysis of Web Application Firewalls in E-Commerce Environments,” Proc. Int. Conf. Cyber Security and Protection of Digital Services (Cyber Security), 2022, pp. 1–6.
[19] Y. Li and X. Zhang, “Impact of HTTPS and TLS on Web Security and User Trust,” J. Cyber Secur. Technol., vol. 7, no. 1, pp. 25–39, 2024.

Issue

Vol. 11 No. 1: June 2026

Section

Articles

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Authors who publish with this journal agree to the following terms:

The copyright to this article is transferred to JTERA if and when the article is accepted for publication. The undersigned hereby transfers any and all rights in and to the paper including without limitation all copyrights to JTERA. The undersigned hereby represents and warrants that the paper is original and that he/she is the author of the paper, except for material that is clearly identified as to its original source, with permission notices from the copyright owners where required. The undersigned represents that he/she has the power and authority to make and execute this assignment. The copyright transfer form will be sent via email before the article published.

The corresponding author signs for and accepts responsibility for releasing this material on behalf of any and all co-authors. This agreement is to be signed by at least one of the authors who have obtained the assent of the co-author(s) where applicable. After submission of this agreement signed by the corresponding author, changes of authorship or in the order of the authors listed will not be accepted.

How to Cite

[1]
“Implementasi dan Analisis Sistem Keamanan Web pada planetelektronikindonesia.com Menggunakan Teknologi SSL/TLS dan WAF”, JTERA, vol. 11, no. 1, pp. 139–148, Jun. 2026, doi: 10.31544/jtera.v11.i1.2026.139-148.