blizzrdof77 · March 9, 2020 19:39
diff --git a/fix-wordpress-permissions.sh b/fix-wordpress-permissions.sh
 #!/bin/bash

 #
 # This script configures WordPress file permissions based on recommendations
 # from http://codex.wordpress.org/Hardening_WordPress#File_permissions
 #
 # Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
 #


 # -----------------------------------------
 #  Check if command exists (returns true/false)
 #
 #  @1 = Command or function
 ##
 function command-exists {
    if [ -z "$1" ]; then
        echo "Name of command (e.g. 'cd'):"
        read checkcmd
    else
        checkcmd="$1"
    fi
    if [[ $(command -v $checkcmd) = "" ]]; then
        echo "false"
    else
        echo "true"
    fi
 }

 WP_CONFIG_PATH="$(wp config path)"
 WP_ROOT=$(echo "${WP_CONFIG_PATH//"wp-config.php"/}") # <-- wordpress root directory

 if [[ $(command-exists color) = "true" ]]; then
 	start_stage="$(color red)[ℹ] "
 	info_stage="$(color yellow)"
 	default_stage="$(color white)"
 	complete_stage="$(echo $(color green) ✓ ☝ ✓✓✓ ☝ ✓; echo ' ')"
 else
 	start_stage="[ℹ] "
 	info_stage=""
 	default_stage=""
 	complete_stage="$(echo ✓ ☝ ✓✓✓ ☝ ✓; echo ' ')"
 fi;

 # Wordpress owner
 if [ -z $WP_OWNER ]; then
  echo "${info_stage}Provide WP_OWNER (e.g. 'www-data')${default_stage}"
  read WP_OWNER
 fi

 # WP Group
 if [ -z $WP_GROUP ]; then
  echo "${info_stage}Provide WP_GROUP (e.g. 'www-data')${default_stage}"
  read WP_GROUP
 fi

 # Server Group
 if [ -z $WS_GROUP ]; then
  echo "${info_stage}Provide WS_GROUP (e.g. 'www-data')${default_stage}"
  read WS_GROUP
 fi

 echo "${default_stage}-----------------------------"
 echo "${default_stage}Proceeding with the following values:${info_stage}"
 echo " -> WP_ROOT: $WP_ROOT"
 echo " -> WP_OWNER: $WP_OWNER"
 echo " -> WP_GROUP: $WP_GROUP"
 echo " -> WS_GROUP: $WS_GROUP"
 echo "${default_stage}-----------------------------"
 echo ""

 echo "${info_stage}Look Good? Proceed with caution! ${start_stage} [y/n]?${default_stage}"
 read yn

 case $yn in
  [Yy]* ) PROCEED="true" && echo "And we are off!";;
  [Nn]* ) echo "Exiting..." && exit;;
  * ) echo "That's not yes or no." && exit;;
 esac

 if [[ $PROCEED = "true" ]]; then
 	# reset to safe defaults
 	echo "${default_stage}-----------------------------"
 	echo "${info_stage} Proceeding!"
 	echo "${default_stage}-----------------------------"
 	echo ""
 	echo "${start_stage}Changing owner/group in \"${WP_ROOT}\" to \"${WP_OWNER}:${WP_GROUP}\"..."
 	find "${WP_ROOT}" -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
 	echo $complete_stage
 	echo "${start_stage}Changing Directory permissions to 755..."
 	find "${WP_ROOT}" -type d -exec chmod 755 {} \;
 	echo $complete_stage
 	echo "${start_stage}Changing File permissions to 644..."
 	find "${WP_ROOT}" -type f -exec chmod 644 {} \;
 	echo $complete_stage

 	echo "${default_stage}-----------------------------"
 	echo "${info_stage} Allow WP to manage wp-config.php (preventing world access)."
 	echo "${default_stage}-----------------------------"
 	echo ""

 	echo "${start_stage}Changing 'wp-config.php' group to \"${WS_GROUP}\""
 	chgrp ${WS_GROUP} "${WP_ROOT}wp-config.php"
 	echo $complete_stage
 	echo "${start_stage}Changing 'wp-config.php' permissions to 660..."
 	chmod 660 "${WP_ROOT}wp-config.php"
 	echo $complete_stage

 	echo "${default_stage}-----------------------------"
 	echo "${info_stage} Allow WordPress to manage wp-content directory."
 	echo "${default_stage}-----------------------------"
 	echo ""
 	# allow wordpress to manage wp-content
 	echo "${start_stage}Changing wp-content group to ${WS_GROUP}..."
 	find "${WP_ROOT}wp-content" -exec chgrp ${WS_GROUP} {} \;
 	echo $complete_stage

 	echo "${start_stage}Changing wp-content permissions: (dirs to '775', files to '664')..."
 	find "${WP_ROOT}wp-content" -type d -exec chmod 775 {} \;
 	find "${WP_ROOT}wp-content" -type f -exec chmod 664 {} \;
 	echo $complete_stage
 	echo "ALL DONE!"
 fi
	#!/bin/bash

	#
	# This script configures WordPress file permissions based on recommendations
	# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
	#
	# Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
	#


	# -----------------------------------------
	# Check if command exists (returns true/false)
	#
	# @1 = Command or function
	##
	function command-exists {
	if [ -z "$1" ]; then
	echo "Name of command (e.g. 'cd'):"
	read checkcmd
	else
	checkcmd="$1"
	fi
	if [[ $(command -v $checkcmd) = "" ]]; then
	echo "false"
	else
	echo "true"
	fi
	}

	WP_CONFIG_PATH="$(wp config path)"
	WP_ROOT=$(echo "${WP_CONFIG_PATH//"wp-config.php"/}") # <-- wordpress root directory

	if [[ $(command-exists color) = "true" ]]; then
	start_stage="$(color red)[ℹ] "
	info_stage="$(color yellow)"
	default_stage="$(color white)"
	complete_stage="$(echo $(color green) ✓ ☝ ✓✓✓ ☝ ✓; echo ' ')"
	else
	start_stage="[ℹ] "
	info_stage=""
	default_stage=""
	complete_stage="$(echo ✓ ☝ ✓✓✓ ☝ ✓; echo ' ')"
	fi;

	# Wordpress owner
	if [ -z $WP_OWNER ]; then
	echo "${info_stage}Provide WP_OWNER (e.g. 'www-data')${default_stage}"
	read WP_OWNER
	fi

	# WP Group
	if [ -z $WP_GROUP ]; then
	echo "${info_stage}Provide WP_GROUP (e.g. 'www-data')${default_stage}"
	read WP_GROUP
	fi

	# Server Group
	if [ -z $WS_GROUP ]; then
	echo "${info_stage}Provide WS_GROUP (e.g. 'www-data')${default_stage}"
	read WS_GROUP
	fi

	echo "${default_stage}-----------------------------"
	echo "${default_stage}Proceeding with the following values:${info_stage}"
	echo " -> WP_ROOT: $WP_ROOT"
	echo " -> WP_OWNER: $WP_OWNER"
	echo " -> WP_GROUP: $WP_GROUP"
	echo " -> WS_GROUP: $WS_GROUP"
	echo "${default_stage}-----------------------------"
	echo ""

	echo "${info_stage}Look Good? Proceed with caution! ${start_stage} [y/n]?${default_stage}"
	read yn

	case $yn in
	[Yy]* ) PROCEED="true" && echo "And we are off!";;
	[Nn]* ) echo "Exiting..." && exit;;
	* ) echo "That's not yes or no." && exit;;
	esac

	if [[ $PROCEED = "true" ]]; then
	# reset to safe defaults
	echo "${default_stage}-----------------------------"
	echo "${info_stage} Proceeding!"
	echo "${default_stage}-----------------------------"
	echo ""
	echo "${start_stage}Changing owner/group in \"${WP_ROOT}\" to \"${WP_OWNER}:${WP_GROUP}\"..."
	find "${WP_ROOT}" -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
	echo $complete_stage
	echo "${start_stage}Changing Directory permissions to 755..."
	find "${WP_ROOT}" -type d -exec chmod 755 {} \;
	echo $complete_stage
	echo "${start_stage}Changing File permissions to 644..."
	find "${WP_ROOT}" -type f -exec chmod 644 {} \;
	echo $complete_stage

	echo "${default_stage}-----------------------------"
	echo "${info_stage} Allow WP to manage wp-config.php (preventing world access)."
	echo "${default_stage}-----------------------------"
	echo ""

	echo "${start_stage}Changing 'wp-config.php' group to \"${WS_GROUP}\""
	chgrp ${WS_GROUP} "${WP_ROOT}wp-config.php"
	echo $complete_stage
	echo "${start_stage}Changing 'wp-config.php' permissions to 660..."
	chmod 660 "${WP_ROOT}wp-config.php"
	echo $complete_stage

	echo "${default_stage}-----------------------------"
	echo "${info_stage} Allow WordPress to manage wp-content directory."
	echo "${default_stage}-----------------------------"
	echo ""
	# allow wordpress to manage wp-content
	echo "${start_stage}Changing wp-content group to ${WS_GROUP}..."
	find "${WP_ROOT}wp-content" -exec chgrp ${WS_GROUP} {} \;
	echo $complete_stage

	echo "${start_stage}Changing wp-content permissions: (dirs to '775', files to '664')..."
	find "${WP_ROOT}wp-content" -type d -exec chmod 775 {} \;
	find "${WP_ROOT}wp-content" -type f -exec chmod 664 {} \;
	echo $complete_stage
	echo "ALL DONE!"
	fi