Journal of Computer Networks, Architecture and High Performance Computing Volume 5, Number 1, January 2023 https://doi.org/10.47709/cnahpc.v5i1.1991 Submitted : January 12, 2023 Accepted : January 19, 2023 Published : January 19, 2023 * Corresponding author This is an Creative Commons License This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0). 38 Vulnerability Assessment with Network-Based Scanner Method for Improving Website Security Dewi Laksmiati Universitas Bina Sarana Informatika, Indonesia dewi.dlk@bsi.ac.id ABSTRACT The digital world has seen a significant increase in security threats in recent years, with hacker attacks on websites being a major concern in cybersecurity. One platform that is particularly vulnerable is WordPress, which is widely used and therefore a popular target for hackers. About 95.62% hacked website in 2021 is WordPress based site. Therefore, to improve website security we conducted a vulnerability assessment on a WordPress based website, in order to identify vulnerabilities that may be exploited by hackers. To do the vulnerability assessment, we used the network-based scanner based to detect vulnerabilities on the WordPress website. Our results showed that the website had several vulnerabilities that needed to be addressed and fixed immediately. The conclusion of our research highlights the importance of conducting regular vulnerability assessments on WordPress-based websites to reduce the risk of vulnerabilities being exploited. By taking proactive measures to identify and fix vulnerabilities, website owners can better protect their sites from potential hacker attacks. It is crucial for website owners to be aware of the risks posed by security threats in the digital world and to take steps to mitigate these risks to protect their businesses and their customers. Keywords: Vulnerability assessment, hacker attacks, WordPress, cybersecurity, website vulnerabilities 1. INTRODUCTION The digital world has seen a significant increase in security threats in recent years. Security threats commonly not differs the target, but they will have a greater impact if they attack companies. hacker attacks on websites being a major concern. Therefore, cybersecurity is extremely important for companies, especially in the digital age. Cybersecurity helps protect companies from hacking attacks that can damage systems, steal data, or disrupt business activities. The history of cybersecurity dates to the 1943 when first digital computer, ENIAC was invented by J. Presper Eckert and John Mauchly at the University of Pennsylvania.(ComputerHope, 2022) However, since the 1980s, hacking attacks have become more common, making companies more aware of cybersecurity, and now in the internet era. The cybersecurity has more important role, and it is estimated that the number of new threats is doubling every year, and the global cost of data breaches is measured in trillions of dollars per year.(Borky & Bradley, 2019). Security evaluation has important role in cybersecurity, it is conducted to find vulnerabilities on the website and provide solutions to the vulnerabilities found. This security evaluation prevents the risk of losing important data and additional budget expenditures if the website experiences malfunction or crash(Tania, Setiyadi, & Khasanah, 2018). The current forms of cyber threats include Advanced Persistent Threats (APT) attacks, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, Defacement attacks, Phishing attacks, Malware attacks, Trojan Horse attacks, Password Cracking, and Spa (Zen, Gultom, & Reksoprodjo, 2020) m. Unfortunately, the cybersecurity role in company is not easily filled, over 60 percent of respondent organizations experience at least three months of unfilled cybersecurity positions when hiring new staff(ISACA, 2019). In cybersecurity nowadays, web application has become common target, Web applications can perform a wide range of functions, such as allowing users to enter data, process transactions, or access information. These applications are often used in business, education, and government settings to streamline processes and improve efficiency. One of the main advantages of web applications is that they can be accessed from any device with an internet connection, providing greater flexibility and mobility. Additionally, web applications can be updated and maintained remotely, making them easy to scale and adapt to changing needs. In conclusion, web applications are a valuable tool for