-
Notifications
You must be signed in to change notification settings - Fork 0
/
script.sh
40 lines (32 loc) · 1.29 KB
/
script.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/bash
# This script was written by Richard Hickson. Twitter.com/richhickson.
#
# It uses code from Michael Coigliaro - https://gist.github.com/Adirael/3383404#file-fix-wordpress-permissions-sh
# Based on hardening wordpress here https://wordpress.org/support/article/hardening-wordpress/
# It downloads, unzips, removes the zip and the ziped folder.
#
#Download wordPress
wget https://wordpress.org/latest.zip
#Unzip Wordpress
unzip latest.zip
#Move WordPress from extracted folder to root of the current folder.
pwd=$(pwd)
mv wordpress/* $pwd/
#alter permissions
WP_OWNER=www-data # <-- wordpress owner
WP_GROUP=www-data # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=www-data # <-- webserver group
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;
#tidy up
rm -rf wordpress/ && rm latest.zip