Implementasi rate limiting dan Bot Telegram untuk mitigasi serangan HTTP GET Flood

Abstract

Distributed Denial of Service (DDoS) attacks pose a serious cybersecurity threat by overwhelming web servers with excessive traffic, rendering them inaccessible. One of the most common types is HTTP Flood, where massive HTTP GET and POST requests continuously drain server resources, leading to performance degradation or system failure. This study aims to analyze the impact of HTTP Flood DDoS attacks on web servers and evaluate the effectiveness of mitigation strategies using firewalls, rate limiting, and Bot Telegram notifications. The research was conducted through experimental testing on an Apache server hosted on a Digital Ocean VPS, where server performance was measured before and after mitigation. The results indicate that a combination of firewalls configured with iptables and rate limiting successfully reduced CPU load by over 90%, maintaining server stability even under attack. Additionally, Bot Telegram played a crucial role in real-time attack detection and response, enabling administrators to take immediate action. In conclusion, the applied mitigation techniques effectively reduced the impact of DDoS attacks and enhanced server resilience.