Analisa Dan Perbaikan Keamanan Pada Website SDN 9 Bantan

Website security is currently one of the main focuses, because websites contain sensitive and valuable information and data. This research aims to determine the level of website security and provide improvements to security gaps on the SDN 9 Bantan website using the Vulnerability Assessment method and using the OWASP ZAP and Mozilla Observatory tools. From the scan results, several gaps were found on the SDN 9 Bantan website such as Content Security Policy (CSP) Header Not Set which allows XSS attacks to occur, Missing Anti-clickjacking Header, absence of anti-clickjacking header opens clickjacking gaps, absence of Content Security Policy (CSP) increases the risk of XSS attacks, insecure
redirection can be exploited for phishing, absence of Strict Transport Security (HSTS) makes the site vulnerable to Man-in-the-Middle (MitM) attacks, and without X-Frame-Options increases the risk of clickjacking attacks. To overcome this security gap, a Vulnerability Assessment was carried out to determine the risk
level of the SDN 9 Bantan website security gap which is at the medium level. After the repair process, several security gaps were successfully removed in the Mozilla Observatory. However, gaps such as Content Security Policy (CSP) Header Not Set is still detected in OWASP ZAP.