Article Per Year (5 Year)
p-Index From 2021 - 2026
2.064
P-Index
This Author published in this journals
All Journal Jurnal Ilmiah Ecosystem INTEK: Jurnal Penelitian Journal of Information Systems and Informatics Jurnal Teknologi Elekterika EJOIN : Jurnal Pengabdian Masyarakat Journal of Embedded Systems, Security and Intelligent Systems Journal of Informatics and Computer Engineering Research
Utomo, Muhammad Nur Yasir
Unknown Affiliation
Agriculture, Biological Sciences & Forestry Civil Engineering, Building, Construction & Architecture Computer Science & IT Control & Systems Engineering Economics, Econometrics & Finance Education Electrical & Electronics Engineering Engineering Law, Crime, Criminology & Criminal Justice Public Health Social Sciences

Published : 13 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 3 Documents
Search
Journal : Journal of Information Systems and Informatics

 1 
Enhancing Web Performance for E-learning Platform using Content Delivery Network (CDN) and Varnish Cache Utomo, Muhammad Nur Yasir; Tungadi, Eddy; Khartika, Widya
Journal of Information System and Informatics Vol 7 No 1 (2025): March
Publisher : Universitas Bina Darma

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.51519/journalisi.v7i1.993

Abstract

Along with the development of technology, the web has become a very popular platform for providing information services and digital content, especially in education sector. The popularity of web services such as e-learning is directly proportional to the increasing number of users. The increase in the number of users is often a problem because it can lead to decreased web performance and potential downtime. To overcome this problem, this study proposes Content Delivery Network (CDN) and Varnish Cache as solutions. Web performance evaluation was carried out in a campus internal network using Apache JMeter with a load of 1,000 users. Based on the evaluation, there was a 175.5% increase in throughput, from 51.9 to 142.9 requests per second. In terms of response time, it improved by 54.3%, decreasing from 16,476 ms to 7,526 ms. Additionally, latency was reduced by 82.4%, from 3,555.8 ms to 624.8 ms. The error rate also decreased from 31.4% to 17.2%. These results indicate that CDN implementation can effectively improve web server performance and provide an optimal user experience, especially under high load conditions.
Enhancing Web Application Security with Open-AppSec WAF on CDN Infrastructure Al Imran, Andi Yusdar; Utomo, Muhammad Nur Yasir; Yusri, Iin Karmila
Journal of Information System and Informatics Vol 7 No 3 (2025): September
Publisher : Universitas Bina Darma

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.51519/journalisi.v7i3.1218

Abstract

The increasing number of cyberattacks targeting web applications has made security a critical concern, with vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Broken Authentication, and Cross-Site Request Forgery (CSRF) remaining prevalent in the OWASP Top 10. These threats can lead to data breaches, service disruption, and reputational damage if not properly mitigated. To address this issue, an infrastructure combining Open-AppSec Web Application Firewall (WAF) and Varnish Cache Content Delivery Network (CDN) was implemented on a Moodle-based e-learning platform within a virtualized Proxmox VE environment. Security testing was conducted using OWASP ZAP and Burp Suite under two scenarios: without WAF and with WAF. In the first scenario, OWASP ZAP detected multiple vulnerabilities, and Burp Suite confirmed successful exploitation with 200 OK responses. In the second scenario, all vulnerabilities were eliminated, and all simulated attacks returned 403 Forbidden responses, indicating complete mitigation. Performance tests revealed a manageable overhead, with throughput reaching 115.4 req/sec at 1000 concurrent users, accompanied by a slight increase in response time and latency. These results demonstrate that integrating Open-AppSec with CDN infrastructure can effectively protect against application-layer attacks while maintaining optimal content delivery performance. Limitations of this study include testing within a simulated environment; therefore, future work could validate these findings on larger-scale systems and with real-world traffic to assess broader generalizability.
Coraza-Based WAF with OWASP CRS for SQL Injection in Multi-Domain Web System Zaedil, Muhammad; Syamsuddin, Irfan; Utomo, Muhammad Nur Yasir
Journal of Information System and Informatics Vol 8 No 2 (2026): April
Publisher : Asosiasi Doktor Sistem Informasi Indonesia

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.63158/journalisi.v8i2.1475

Abstract

This research aims to design and implement a Web Application Firewall (WAF) based on the OWASP Core Rule Set (CRS) to enhance web application protection against SQL Injection attacks. The study was conducted in the web environment of the State Polytechnic of Ujung Pandang, which has more than 80 active subdomains with uniform server configurations, mostly using vulnerable CMSs such as WordPress. The proposed solution integrates Coraza, a Go-based WAF engine, into the Nginx reverse proxy system. The system includes a web-based control panel, JSON-formatted logging, and Redis support for efficient traffic mapping and storage, enabling flexible management of multiple domains. A key contribution of this study is the implementation of a centralized WAF management approach capable of securing more than 80 subdomains within a unified configuration environment. Tests were carried out using five SQL Injection scenarios: URL parameters, form-data, x-www-form-urlencoded, JSON API, and automated tools such as SQLMap. Without WAF, all attacks successfully penetrated the system, whereas with WAF activated, all tested payloads were successfully blocked, manual and automated, was effectively blocked, indicating a significant improvement in defense capability. These results demonstrate that the developed WAF system provides strong protection against SQL Injection attacks and indicate strong potential for enhancing web application security against SQL Injection attacks.
Co-Authors Abdul Rahman Al Imran, Andi Yusdar Anggun Winursito BASTIAN, ALVIAN Fansab, Nur Ayu Farahgta Indrabulan, Tantri Irfan Syamsuddin Khartika, Widya Mochammad Imron Awalludin Muh. Fajri Raharjo Nuzul1, Andi Muhammad Ramadhani, Ainun Zulkiah Rini Nur, Rini Silamba, Yurico Ignasius May Syam, Muh. Fadhil TUNGADI, EDDY Violita, Fajrin Yusri, Iin Karmila Zaedil, Muhammad