Enhancing the Security Efficiency of the Souphanouvong University Journal Website

Abstract

This research is a study on the security of the Souphanouvong University Journal website with the aim of testing security checks, detecting flaws and vulnerabilities. The current problem is that the Souphanouvong University Journal website is in an insecure mode, which is at high risk of being hacked or attacked by hackers. Each time you access the website, you will be forced to view the website in an insecure mode, which may cause damage to personal information and lead to attacks on financial transactions. The research method is to analyze the structure of the website, check the SSL/TLS in use, check the Key Certificate, Security Certificate, Server version, and use Command Line commands and advanced programs to detect flaws and vulnerabilities on the website. Through research, we can conclude that: The website code still has weaknesses, SSL/TLS has not been upgraded, the Key Certificate has expired, the Security Certificate has expired, the Server version does not have Secure. Http Only, there are 13 ports open in low security mode, and there are 6 ports with a high risk of being easily attacked. The way to fix and protect the website for security is to update the Source Code with weaknesses, Upgrade SSL/TLS to Version 1.3, Update Key Certificate, Update Security Certificate, Close ports with low security and no services, Install Web Application Firewall, create a security monitoring table, Backup and update the system.