Skip to content

Instantly share code, notes, and snippets.

@luison
Forked from Adirael/fix-wordpress-permissions.sh
Last active July 18, 2019 19:19
Show Gist options
  • Save luison/bfd4babcea362efde4f8d692d4a0a510 to your computer and use it in GitHub Desktop.
Save luison/bfd4babcea362efde4f8d692d4a0a510 to your computer and use it in GitHub Desktop.
Fix wordpress file permissions
#!/bin/bash
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
# modified by Jose Luis Moya - alsur.es
#
WP_OWNER=www-data # <-- wordpress owner
WP_GROUP=www-data # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=www-data # <-- webserver group
#in case wp-content changed use second value of bash
WP_CONTENT=${2:-wp-content} # <-- name of obfuscated wp-content on second argument defaults to wp-content
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage wp-content
#find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
#find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
#find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;
# modification when wp-content obfuscated
find ${WP_ROOT}/${WP_CONTENT} -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/${WP_CONTENT} -type d -exec chmod 775 {} \;
find ${WP_ROOT}/${WP_CONTENT} -type f -exec chmod 664 {} \;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment