Python Conference APAC 2024

Nizar Akbar Meilani

Professional Title: Linux System Administrator
Company: DomaiNesia

I am Nizar Akbar Meilani, a Linux System Administrator in shared hosting company DomaiNesia. I am a System Administrator which helps everything in shared hosting runs smoothly and securely. As a good System Administrator, my motto is precise data from analysis is better than assumptions.


Links to social media profile / website / github

https://nizarakbar.com


Session

10-27
15:00
30min
Enhancing Actively Attacked WordPress Vulnerability Detection with Python, WP-CLI Vulnerability Scanner, and Imunify360 Incident Logs
Nizar Akbar Meilani

This paper presents a solution for detecting actively exploited WordPress vulnerabilities in a shared hosting environment. Recent reports indicate a significant increase in reported vulnerabilities, highlighting growing risk. Analysis from Patchstack shows a 24% rise in vulnerabilities from 2022 to 2023 [1], while WPScan reports substantial increase in reports from 2014, 2022, 2023, until 2024 especially among free plugins and themes [2]. Given these findings, detecting these vulnerabilities is crucial, particularly in shared hosting where users may lack awareness. Leveraging CloudLinux’s Imunify360 WAF rules, which includes WordPress vulnerability signatures, this study integrates incident logs from Imunify360’s SQLite database, WP-CLI Vulnerability Scanner, and Python for detection. By correlating WAF-triggered attacks, Static Analysis of version from WP-CLI Vulnerability, modifying date of plugin, theme, and core WordPress, the approach enhances the identification of actively exploited vulnerabilities.

CLASS #2 - 4B