Analysis of the Effectiveness Level of Cloudflare, Docker and Nginx Proxy Manager as a Means to Improve Web Security

Authors

  • Mochamad Yusuf Setiya Putra Universitas Merdeka Malang, Malang City, 65146, Indonesia
  • Arif Saivul Affandi Universitas Merdeka Malang, Malang City, 65146, Indonesia

DOI:

https://doi.org/10.32815/jitika.v19i1.1070

Keywords:

Cloudflare, Cybersecurity, Docker, Nginx Proxy Manager

Abstract

Cybersecurity has become a critical issue as technology advances and the threats against web-based applications increase. This study aims to analyze the effectiveness of implementing Cloudflare, Docker, and NGINX Proxy Manager, both individually and in combination, as additional security layers to enhance the protection of web applications from various cyber threats. A quantitative approach with a quasi-experimental method and a posttest-only control group design is used in this research. The control group in this study is a system without any additional security layers, used as the baseline for measuring system security levels, while the experimental groups consist of a system with Cloudflare only, a system with Docker and NGINX Proxy Manager only, and a system with the combination of all three. Testing uses several types of attacks such as DDoS, brute force attack, XSS, and SQL injection, with tools including Slowhttptest, Burp Suite, XSSer, and SQLMap. The results of the tests are analyzed using descriptive analysis for categorical data and statistical for numerical data using One-Way ANOVA or Kruskal-Wallis tests, followed by post-hoc tests. The results show that the system with the combination of Cloudflare, Docker, and NGINX Proxy Manager provides the most optimal protection, with a reduction in successful attacks of up to 53% on DDoS, 69% on brute force attacks, 75% on XSS, and 100% on SQL Injection, and demonstrates significant results compared to the traditional system and systems using security technologies individually.

Downloads

Download data is not yet available.

References

Ekaputra, A. R., & Affandi, A. S. (2023). Pemanfaatan layanan cloud computing dan docker container untuk meningkatkan kinerja aplikasi web. Journal of Information System and Application Development, 1(2), 138–147. https://doi.org/10.26905/jisad.v1i2.11084

Firmansyah, M. D. (2021). Analisa Keamanan Web Server Terhadap Serangan Distributed Denial of Service Menggunakan Modevasive. Telcomatics, 6(1). https://doi.org/10.37253/telcomatics.v6i1.4990

Fortinet. (2024). What Is A Cyber Attack? . Fortinet. https://www.fortinet.com/uk/resources/cyberglossary/types-of-cyber-attacks

Harefa, J., Prajena, G., Alexander, A., Muhamad, A., Dewa, E. V. S., & Yuliandry, S. (2021). SEA WAF: The Prevention of SQL Injection Attacks on Web Applications. Advances in Science, Technology and Engineering Systems Journal, 6(2), 405–411. https://doi.org/10.25046/aj060247

Haryono, E., Slamet, M., & Septian, D. (2023). Statistika SPSS 28 (N. Rismawati, Ed.). Widina Bhakti Persada Bandung.

Id-SIRTII/CC. (2024). Laporan Hasil Monitoring. Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center. https://idsirtii.or.id/halaman/tentang/laporan-hasil-monitoring.html

Kusuma, G. H. A. (2022). Sistem Firewall untuk Pencegahan DDOS Attack di Masa Pandemi Covid-19. Journal of Informatics and Advanced Computing (JIAC), 3(1).

Laleb, I. (2023). Analisis Cross-Site Scripting (XSS) Injection – Reflected XSS And Stored XSS Mengggunakan Framework OWASP 10. Jurnal Ilmiah Flash, 8(1), 36. https://doi.org/10.32511/flash.v8i1.952

Prasetyo, S. E., Haeruddin, H., & Ariesryo, K. (2024). Website Security System from Denial of Service attacks, SQL Injection, Cross Site Scripting using Web Application Firewall. Antivirus : Jurnal Ilmiah Teknik Informatika, 18(1), 27–36. https://doi.org/10.35457/antivirus.v18i1.3339

Rikatsih, N., Andary, R. W., Shaleh, M., Hadiningrum, L. P., Irwandy, I., Prisusanti, R. D., Nggaba, M. E., Hadi, P., Sihombing, B., Setiawan, J., & Saloom, G. (2020). Metodologi Penelitian di Berbagai Bidang. Media Sains Indonesia.

Rustamana, A., Wahyuningsih, P., Azka, M. F., & Wahyu, P. (2024). Penelitian Metode Kuantitatif. Sindoro: Cendikia Pendidikan, 5(6).

Rahmah, S. A. (2023). Efektifitas Penerapan Algoritma Brute Force dan Penyalahgunaannya Dalam Sistem Berbasis Web. Journal of Computers and Digital Business, 2(3), 112–119. https://doi.org/10.56427/jcbd.v2i3.235

Satriyawan, H., & Susanto, D. S. (2023). Optimasi Keamanan Smart Grid Melalui Autentikasi Dua Lapis: Meningkatkan Efisiensi dan Privasi dalam Era Digital. Jurnal RESTIKOM : Riset Teknik Informatika Dan Komputer, 5(3), 319–333. https://doi.org/10.52005/restikom.v5i3.254

Sugiyono, S. (2017). Metode penelitian kuantitatif, kualitatif, dan R&D. Alfabet.

Wahib, P., Narotama, A. T., Rijki, N. M., Sahrudin, S., Permana, F., Sagara, D., Azkhal, D. I., Anwar, M., & Juniawan, M. R. (2022). Sosialisasi Cyber Security Awareness untuk meningkatkan literasi digita. Abdi Jurnal Publikasi, 1(2).

Additional Files

Published

02-03-2025

How to Cite

Putra, M. Y. S., & Affandi, A. S. (2025). Analysis of the Effectiveness Level of Cloudflare, Docker and Nginx Proxy Manager as a Means to Improve Web Security. Jurnal Ilmiah Teknologi Informasi Asia, 19(1), 24–30. https://doi.org/10.32815/jitika.v19i1.1070

Issue

Vol. 19 No. 1 (2025): Volume 19 Issue 1 2025 (In Press)

Section

Article

License

Copyright (c) 2025 Jurnal Ilmiah Teknologi Informasi Asia

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Penulis mengirimkan naskah dan pengertian bahwa jika diterima untuk proses dipublikasi,  hak cipta dari artikel tersebut akan diberikan kepada jurnal ilmiah teknologi informasi asia. Jurnal ilmiah teknologi informasi asia (Jitika) dan Lp2m Stmik Asia Malang sebagai penerbit jurnal, komponen Hak cipta mencakup hak untuk mereproduksi dan mengirimkan artikel dalam semua bentuk dan media, termasuk cetak ulang, foto, mikrofilm, dan reproduksi serupa lainnya, serta terjemahannya.

Jurnal ilmiah teknologi infomasi asia, dan Lp2m ITB Asia Malang, beserta jajaran para redaksi berusaha keras untuk memastikan bahwa tidak ada data, opini, atau pernyataan yang salah atau menyesatkan ketika dipublikasikan di jurnal Jitika, dengan kondisi apapun, isi artikel dan iklan yang diterbitkan di Jurnal ilmiah teknologi infomasi asia adalah murni merupakan tanggung jawab masing-masing penulis dan pengiklan. Pengguna situs web ini akan dilisensikan dengan menggunakan materi dari situs web ini setelah Lisensi Internasional Creative Commons Attribution 4.0. Tidak ada biaya yang dibebankan. Silakan gunakan materi yang sesuai.

Anda bebas untuk:

Bagikan - salin dan sebarkan materi dalam media atau format apa pun.

Adaptasi - remix, transformasikan, dan bangun berdasarkan materi untuk tujuan apa pun, bahkan secara komersial.

Pemberi lisensi tidak dapat mencabut kebebasan ini selama Anda mengikuti ketentuan lisensi