Cara Menginstal DVWS (Damn Vulnerable Web Services) di Nginx

Zaenal Arifin - Oct 2 '23 - - Dev Community

DVWS (Damn Vulnerable Web Services) adalah platform latihan uji penetrasi yang dirancang untuk membantu pengembang dan peneliti keamanan memahami kerentanannya pada layanan web dan API. Berikut adalah langkah-langkah untuk menginstal DVWS di server Nginx.

Langkah 1: Persiapkan Server dan Instal Nginx

Pastikan Anda memiliki server yang dijalankan dan Nginx terinstal. Jika belum, ikuti langkah-langkah untuk menginstal Nginx pada sistem operasi Anda.

Langkah 2: Instal PHP-FPM

DVWS menggunakan PHP, jadi kita akan menginstal PHP-FPM (PHP FastCGI Process Manager) untuk menangani pemrosesan PHP.

sudo apt update
sudo apt install php-fpm
Enter fullscreen mode Exit fullscreen mode

Langkah 3: Konfigurasi Nginx

Buat konfigurasi Nginx untuk DVWS. Buat file konfigurasi baru di direktori konfigurasi Nginx, misalnya, /etc/nginx/sites-available/dvws.

sudo nano /etc/nginx/sites-available/dvws
Enter fullscreen mode Exit fullscreen mode

Tambahkan konfigurasi berikut (sesuaikan dengan lokasi di mana Anda akan menempatkan DVWS):

server {
    listen 80;
    server_name your_domain_or_ip;

    root /var/www/html/DVWS;
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    }

    location ~ /\.ht {
        deny all;
    }
}
Enter fullscreen mode Exit fullscreen mode

Gantilah your_domain_or_ip dengan domain atau alamat IP server Anda.

Langkah 4: Aktifkan Konfigurasi Nginx

Aktifkan konfigurasi yang baru saja dibuat dengan membuat tautan simbolis ke direktori sites-enabled.

sudo ln -s /etc/nginx/sites-available/dvws /etc/nginx/sites-enabled/
Enter fullscreen mode Exit fullscreen mode

Langkah 5: Restart Nginx

Restart Nginx untuk menerapkan perubahan konfigurasi.

sudo systemctl restart nginx
Enter fullscreen mode Exit fullscreen mode

Langkah 6: Unduh dan Konfigurasi DVWS

Unduh kode sumber DVWS dari repositori Git.

git clone https://github.com/interference-security/DVWS.git /var/www/html/DVWS
Enter fullscreen mode Exit fullscreen mode

Atur izin yang sesuai untuk direktori DVWS.

sudo chown -R www-data:www-data /var/www/html/DVWS
Enter fullscreen mode Exit fullscreen mode

Langkah 7: Akses DVWS melalui Browser

Sekarang, Anda dapat mengakses DVWS melalui browser web dengan menggunakan alamat IP atau domain server dan melanjutkan dengan uji penetrasi. Buka http://your_domain_or_ip/ di browser.

Pastikan untuk selalu menggunakan DVWS dan alat uji penetrasi dengan etika dan hanya pada sistem yang Anda miliki izin untuk menguji.

Image
The Potential of Monolithic Systems

monolithicarchitecture, architecture, systemdesign, softwareengineering
Image
Understanding Clean Architecture Principles

cleanarchitecture, architecture, domaindrivendesign, hexagonalarchitecture
Image
Exploring Hexagonal Architecture

softwaredevelopment, softwareengineering, architecture, hexagonalarchitecture
Image
How to use AI for coding the right way

ai, cursor, claude, ide
Image
A Quick Introduction to Event Storming

softwaredevelopment, systemdesign, teammanagement, softwareengineering
Image
Understanding Domain Events in TypeScript: Making Events Work for You

typescript, domaindrivendesign, domainevents, patterns
Image
My first post in dev.to
Image
🚀 Casenator Just Got Even Better: New Case Styles and Dev-Friendly Updates!

webdev, javascript, beginners, programming
Image
Cash for Junk Car Mississauga, Ontario: Turning Your Junk into Cash

webdev, javascript, discuss, devjournal
Image
Choosing the Right Real-Time Stream Processing Framework

flink, spark, ksqldb, timeplus
Image
Enhance Your RAG Application With Web Searching Capability!

rag, ai, langchain, python
Image
Exploring KaneAI Beta: An Innovative Testing Agent by LambdaTest | Excited to be Part of the Beta Journey!

lambdatest, kaneai, automation, webdev
Image
Building a User-Friendly, Budget-Friendly Alternative to dbt Cloud

dbt, dataengineering, opensource, datascience
Image
Coolify: Your All-in-One Open-Source PaaS Solution

paas, opensource, webdev, linux
Image
Learning Vue Part 3: Building a pomodoro timer

beginners, vue, webdev, todayilearned
Image
Protecting your Fintech App Customers further with Panic Password

design, software, fintech, security
Image
Web Developers, AI, and Development Fundamentals

opinion, watercooler, webdev
Image
Tools That We Use At Our $100k/mo Startup

productivity, devops, leadership, startup
Image
AWS Snow Family
. . . . . . . . . . . . . . . .
Terabox Video Player