Membangun Keamanan Dari Serangan Cross-Site Request Forgery (CSRF)

Abstract

The website is one of the most widely accessed information services by internet users in the world. The more widespread the transaction via the internet by utilizing website services, becoming a security factor is an important problem. This thesis entitled building e-commerce with the security of cross-site request forgery attacks (CSRF) arranged with the background of the security level from the use of websites for promotion or for online transactions. The importance of information security of a website will be a priority after data loss or damage occurs. Lack of awareness of the importance of information security makes some website owners unprepared to prevent or minimize the risks that can occur. Researchers conduct research on security specifically when they want to produce web-based systems such as online stores and e-commerce, the goal is the same, namely to provide data security guarantees for system users. This research will produce e-commerce that normally prevents cross site request forgery (CSRF) attacks. Prevention can be done by encrypting the URL because CSRF attacks more often use the weaknesses of the URL to be modified according to the needs of the attacker. This research will produce e-commerce by displaying item details, providing shopping baskets and displaying discount products, new products. Data security discussion only focuses on login authentication by applying the MD5 encryption. Handling SQL Injection problems the author uses an anti SQL injection script.