Website Security System from Denial of Service attacks, SQL Injection, Cross Site Scripting using Web Application Firewall

Abstract

The Internet and web applications play an important role in our modern life today. Some of our day-to-day activities like browsing, booking flights or ships, paying bills are becoming easier and easier using a web application. Nowadays a lot of people are using web applications for the desired product or service. Users who provide names, personal data, payment data, can be a source of income for hackers targeting user sensitive information. Hackers can not only steal confidential user data, but can also insert malware into the attacked website. In another study, it was mentioned that a server is very vulnerable if it does not have a good firewall or security. The solution proposed by the author is to add a service between the user and the server as an intermediary so that the hacker cannot directly enter the server of a web application. In this study, researchers will use cloudflare-protected websites as targets for penetration testing using Kali Linux. By using cloudflare, we can set the rules and the level of security of the website so that we can easily prevent attacks by hackers.