-
-
Save Adirael/3383404 to your computer and use it in GitHub Desktop.
#!/bin/bash | |
# | |
# This script configures WordPress file permissions based on recommendations | |
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions | |
# | |
# Author: Michael Conigliaro <mike [at] conigliaro [dot] org> | |
# | |
WP_OWNER=www-data # <-- wordpress owner | |
WP_GROUP=www-data # <-- wordpress group | |
WP_ROOT=$1 # <-- wordpress root directory | |
WS_GROUP=www-data # <-- webserver group | |
# reset to safe defaults | |
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \; | |
find ${WP_ROOT} -type d -exec chmod 755 {} \; | |
find ${WP_ROOT} -type f -exec chmod 644 {} \; | |
# allow wordpress to manage wp-config.php (but prevent world access) | |
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php | |
chmod 660 ${WP_ROOT}/wp-config.php | |
# allow wordpress to manage wp-content | |
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \; | |
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \; | |
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \; |
WP_ROOT=$1 # <-- wordpress root directory
$1 need to be replace with the path to wordpress root directory, or, is it obtained otherwise?
Just use it like "fix-wordpress-permissions.sh /var/www/your-wordpress-folder"
@ZeroCool In bash, $1 is the first command line argument given to your program (see : https://stackoverflow.com/questions/29258603/what-do-0-1-2-mean-in-shell-script). As said by https://gist.github.com/Adirael/3383404#gistcomment-3133780, if you want the script to point to your wordpress folder, you have to call it with, as first argument, a string that contains the path to your wordpress folder.
Oh ! Ok.
Then i can make the same in my script.
https://gist.github.com/ZerooCool/4a22e96a52c4268b68679e4269e66f73
But, i use read, and not $1.
OMG - thanks so much - a few echo 's would have been icing on the cake - maybe i will fork it :-) thank you
I'm using centos/cpanel/litespeed and I have the following error:
chown: invalid user: www-data:www-data
chgrp: invalid group: www-data
how should I fix it ?
@msesxi
I use VPS with Openlitespeed 1.6.8 try change group with nogroup and user with nobody
should be like this :
WP_OWNER=nobody # <-- wordpress owner (if you use shared host, but if use VPS like me try your user and group instead)
WP_GROUP=nogroup # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=nogroup # <-- webserver group
Great improvements in these forks:
- with validation of input parameter: https://gist.github.com/kyleskrinak/3f78dff0ab8526c2cf20
- with confirm questions to continue: https://gist.github.com/blizzrdof77/f35dc9fd404414ba0f97066e747219d2
I added those and anhanced it in a Github repository here:
especially those is an enhancement:
PS4="# "; set -x
: ::: Change owner and group. Put this line in a cronjob if you plan to both upload by Wordpress, which is usually the user www-data, and autodeploy by WP_OWNER regularly:
find ${WP_ROOT} -not '(' -user ${WP_OWNER} -a -group ${WP_GROUP} ')' -exec chown $VERBOSE ${WP_OWNER}:${WP_GROUP} {} \;
: ::: Resetting permissions to safe defaults
find ${WP_ROOT} -type d -not -perm 755 -exec chmod 755 {} \;
find ${WP_ROOT} -type f -not -perm 644 -exec chmod 644 {} \;
: ::: Allowing wordpress to manage wp-config.php, but prevent world access
chgrp ${WWW_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
: ::: Allowing wordpress to manage wp-content
find ${WP_ROOT}/wp-content -not -group ${WWW_GROUP} -exec chgrp $VERBOSE ${WWW_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -not -perm 775 -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -not -perm 664 -exec chmod 664 {} \;
Now I use the passage of the site by parameter.
I revised my script which seems to work perfectly for CHMOD.
I still encounter a problem for chown, when I am in production, however, the chown work good when I am in local.
I'll check that out, and read your examples again.
If anyone wishes to test my script, I would like to have your opinion.
I am looking to use a more dynamic script, which will give the administrator more choice.
This script will modify CHOWN and CHMOD, depending on whether one is in development or in production.
This script also allows to configure the following files in a specific way (index.html index.htm index.php, configuration.php, wp-config.php, LocalSettings.php)
Thank you!
Anyone guide me where I paste that query to solve my problem.......?Or tell me how I put my .sh file to fix that bug.Thanks.Waiting for reply.
@M-Faizan480 it is a script not a web query. You need shell / ssh access to your server. Login to the Linux terminal of your host then execute the file.
Many thanks for this. It works like a charm.
It's 2020. Still works like a charm! Thank you 👍
Isn't putting everything to www-data going to be insecure?
www-data is for developpement.
root or other is for production
If you use root, a file can't be modified by apache
For exemple, if you use a CMS ( WP / Joomla ... ) and if all your file is for root, a CMS update can't change the existing files.
Then, your CMS is a little more protected. Only root can change the good right. Use www-data:www-data for apply a CMS update and protect all file with root:root or root:www-data ( need read more information for that. )
still I am getting the errors although I did what you have suggested . I am using architect theme
this is the message :
Fatal error: Uncaught Error: Call to undefined function ctype_xdigit()
in /hermes/bosnacweb05/bosnacweb05ab/b1567/ipg.zohair9856655/mysite.com/wordpress/wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-colors.php on line 205
Call stack:
Redux_Colors::sanitize_hex()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-colors.php:276
Redux_Colors::sanitize_color()
wp-content/plugins/redux-framework/redux-core/inc/validation/color/class-redux-validation-color.php:42
Redux_Validation_Color::validate()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-validate.php:39
Redux_Validate::__construct()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-validation.php:197
Redux_Validation::validate()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-options-constructor.php:907
Redux_Options_Constructor::validate_options()
wp-includes/class-wp-hook.php:289
WP_Hook::apply_filters()
wp-includes/plugin.php:206
apply_filters()
wp-includes/formatting.php:4899
sanitize_option()
wp-includes/option.php:368
update_option()
wp-admin/options.php:314
thanks
Hi all,
I am a complete nitwit here. Can someone explain to me step by step from the beginning what I have to do correct the error with cropping photo's? Thanks in advance.
I'm not really sure if you are at the right place to find a solution for correcting the error with cropping photos!!
This is a shell file to fix the permissions of files used in Wordpress.
like magic
If you are having "No such file or directory" problems and you use windows to upload the file a quick fix is changing the format to unix again:
#vim fix_permision.sh
:set fileformat=unix
:wq
#sh fix_permision.sh
Thank you!! This worked, while everything else on internet failed.
Thanks, it works very well
I'm using centos/cpanel/litespeed and I have the following error:
chown: invalid user: www-data:www-data
chgrp: invalid group: www-data
how should I fix it ?@msesxi I use VPS with Openlitespeed 1.6.8 try change group with nogroup and user with nobody should be like this : WP_OWNER=nobody # <-- wordpress owner (if you use shared host, but if use VPS like me try your user and group instead) WP_GROUP=nogroup # <-- wordpress group WP_ROOT=$1 # <-- wordpress root directory WS_GROUP=nogroup # <-- webserver group
Yeeaaa, something like this... Not sure if just, they didn't mention cpanel in the mix... or cloudlinux specific ontop centos...
From my current research nobody is right, but not the nogroup.
Just stumbled back upon this piece out of a general 403 error troubleshoot KB:
Incorrect File Ownership After Migration[¶](https://docs.litespeedtech.com/lsws/cp/cpanel/403-error/#incorrect-file-ownership-after-
migration)
When migrating or uploading files to a cPanel account, some image files might incorrectly be assigned to nobody:nobody, when they should be user:user./home/jsmith/public_html>ls -ald images/detailed/130/Untitled-1-Recovered_urba-uz.jpg
-rw-rw-rw- 1 nobody nobody 103609 Apr 12 11:21 images/detailed/130/Untitled-1-Recovered_urba-uz.jpg
/home/jsmith/public_html>ls -ald images/detailed/130
drwxrwxrwx 2 nobody nobody 36864 Apr 14 15:12 images/detailed/130
/home/jsmith/public_html>ls -ald images/detailed
drwxrwxrwx 51 jsmith jsmith 4096 Apr 11 13:16 images/detailed
/home/jsmith/public_html>ls -ald images
drwxrwxrwx 48 jsmith jsmith 4096 Mar 31 16:30 images
The Force Strict Ownership setting in LSWS Admin specifies whether to enforce strict file ownership checking. If it is enabled, the web server will check if the owner of the file being served is the same as the owner of the virtual host. If it is different, a 403 Access Denied error will be returned.To fix the problem, either change all files user:group to user:user ( in the above example, that would be jsmith:jsmith), or disable Force Strict Ownership in LSWS Admin.
leaving these tabs open now, think I'm going to make a master doc on this craziness lol. Likely become very popular since it's been a nightmare getting all the right little config info on this lsws cpanel cl setup lol. Installed CL manually on linode with custom distribution installation and custom recommended for performance cpanel partitions. That was a 3 - 5 day battle lol. Documented the heck out of that one... Literally could not find one person on the net with a guide on custom install Cloudlinux 8, for cPanel specific partition setup. Definitely gave me some food feature requests for linode tho lolol.
you did it nicely when back then there was not chatgpt! Cheers!
even after a decade this is my go to fix.
WP_ROOT=$1 # <-- wordpress root directory
$1 need to be replace with the path to wordpress root directory, or, is it obtained otherwise?