MINIMIZING THE ATTACK SURFACE ON WEB SERVERS THROUGH A LAYERED SECURITY APPROACH

Authors

  • Musa Amin, IAIN Pontianak

DOI: https://doi.org/10.47111/jti.v19i2.22756

Abstract

Servers used to run WordPress-based web applications face serious challenges due to a wide attack surface, especially when backend and SSH access are exposed to the public. This study designs and implements an access protection architecture for servers and websites by combining Cloudflare proxy, Virtual Private Network (VPN), and Web Application Firewall (WAF) to mitigate these risks. An experimental method is employed by building a simulated LAMP and WordPress-based infrastructure on two Virtual Private Servers (VPS), where all public traffic is routed through Cloudflare and administrative access is strictly limited to VPN tunnels. The test results show that the proposed architecture effectively eliminates unauthorized access to backend pages and SSH services without disrupting public access to the website. This approach demonstrates that a simple layered defense strategy can be practically applied to enhance server security while providing a protection model that can be replicated for similar infrastructures.


Published

2025-08-31