WordPress Permissions Configuration Script

wp-permissions-script

#!/bin/bash
#
# how to use it
# -------------
#
# sudo bash wp-file-perm.sh /path/to/wp-folder user group
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Author: Michael Conigliaro (https://gist.github.com/macbleser/9136424)
# Contributor:
# - Stefan Adams (https://github.com/s1037989)
# - Kl3sk (https://github.com/kl3sk)
#
WP_ROOT=${1:-.} # <-- wordpress root directory, current directory by default
[ -e "$WP_ROOT/wp-config.php" ] || { echo "Usage: $0 /path/to/wordpress"; exit; } # <-- detect that the directory is a wordpress root
WP_OWNER=$2 # <-- wordpress owner (This assumes the wordpress owner is the logged in user)
WP_GROUP=$3 # <-- wordpress group (This assumes the wordpress owner is the logged in user)
HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1)

WS_GROUP=$HTTPDUSER # <-- webserver group
echo -e "Fixing permissions on $WP_ROOT"
echo -e "Wordpress owner.group: $WP_OWNER.$WP_GROUP"
echo -e "Web Server group: $WS_GROUP"

echo -e 'reset to safe defaults'
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;

echo -e 'allow wordpress to manage wp-config.php (but prevent world access)'
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php

echo -e 'allow wordpress to manage .htaccess'
touch ${WP_ROOT}/.htaccess
chgrp ${WS_GROUP} ${WP_ROOT}/.htaccess
chmod 664 ${WP_ROOT}/.htaccess

echo -e 'allow wordpress to manage wp-content'
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;