ericmagnuson/ResetWordPressPermissions.sh

## ResetWordPressPermissions.sh
#!/bin/bash
#
# Written by Michael Conigliaro <mike@conigliaro.org>
# Updated by Eric Magnuson <eric@ericmagnuson.me>
# MIT License (http://opensource.org/licenses/MIT)
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Instructions:
#
# 1) Download the script
# 2) Make the script executable: chmod +x ./ResetWordPressPermissions.sh
# 3) Run the script and follow the prompts: ./ResetWordPressPermissions.sh
#
# Alternatively, run the script from Github (without saving it to your
# computer) by using the following command:
#
# bash <(curl -s https://gist.githubusercontent.com/ericmagnuson/d32ec81e48f0f8b2734f57f683fed72a/raw/51cfba5f07a2a858d39c3f3597f867f1ae0f2d8c/ResetWordPressPermissions.sh)

white=$(tput setaf 7)
blue=$(tput setaf 6)
green=$(tput setaf 2)
red=$(tput setaf 1)
nc=$(tput sgr0) # No Color

# Ask for chars per inch variable
read -e -p "${blue}Enter the path to your WordPress directory (if you're running this in the WP root, enter .):${nc} " WP_ROOT
read -e -p "${blue}Enter the user who should own the WordPress directory (typically, this is you):${nc} " WP_OWNER
read -e -p "${blue}Enter the group who should should own the WordPress directory (typically, this is either your group or your web user's group, e.g. www-data):${nc} " WP_GROUP
read -e -p "${blue}Enter the name of your web group (e.g. www-data):${nc} " WS_GROUP

WP_ROOT=${WP_ROOT:'.'}
WP_OWNER=${WP_OWNER:USER}
WP_GROUP=${WP_GROUP:'www-data'}
WS_GROUP=${WS_GROUP:'www-data'}

# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} -v {} \;
find ${WP_ROOT} -type d -exec chmod 755 -v {} \;
find ${WP_ROOT} -type f -exec chmod 644 -v {} \;

# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} -v ${WP_ROOT}/wp-config.php
chmod 660 -v ${WP_ROOT}/wp-config.php

# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} -v {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 -v {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 -v {} \;
	#!/bin/bash
	#
	# Written by Michael Conigliaro <mike@conigliaro.org>
	# Updated by Eric Magnuson <eric@ericmagnuson.me>
	# MIT License (http://opensource.org/licenses/MIT)
	#
	# This script configures WordPress file permissions based on recommendations
	# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
	#
	# Instructions:
	#
	# 1) Download the script
	# 2) Make the script executable: chmod +x ./ResetWordPressPermissions.sh
	# 3) Run the script and follow the prompts: ./ResetWordPressPermissions.sh
	#
	# Alternatively, run the script from Github (without saving it to your
	# computer) by using the following command:
	#
	# bash <(curl -s https://gist.githubusercontent.com/ericmagnuson/d32ec81e48f0f8b2734f57f683fed72a/raw/51cfba5f07a2a858d39c3f3597f867f1ae0f2d8c/ResetWordPressPermissions.sh)

	white=$(tput setaf 7)
	blue=$(tput setaf 6)
	green=$(tput setaf 2)
	red=$(tput setaf 1)
	nc=$(tput sgr0) # No Color

	# Ask for chars per inch variable
	read -e -p "${blue}Enter the path to your WordPress directory (if you're running this in the WP root, enter .):${nc} " WP_ROOT
	read -e -p "${blue}Enter the user who should own the WordPress directory (typically, this is you):${nc} " WP_OWNER
	read -e -p "${blue}Enter the group who should should own the WordPress directory (typically, this is either your group or your web user's group, e.g. www-data):${nc} " WP_GROUP
	read -e -p "${blue}Enter the name of your web group (e.g. www-data):${nc} " WS_GROUP

	WP_ROOT=${WP_ROOT:'.'}
	WP_OWNER=${WP_OWNER:USER}
	WP_GROUP=${WP_GROUP:'www-data'}
	WS_GROUP=${WS_GROUP:'www-data'}

	# reset to safe defaults
	find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} -v {} \;
	find ${WP_ROOT} -type d -exec chmod 755 -v {} \;
	find ${WP_ROOT} -type f -exec chmod 644 -v {} \;

	# allow wordpress to manage wp-config.php (but prevent world access)
	chgrp ${WS_GROUP} -v ${WP_ROOT}/wp-config.php
	chmod 660 -v ${WP_ROOT}/wp-config.php

	# allow wordpress to manage wp-content
	find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} -v {} \;
	find ${WP_ROOT}/wp-content -type d -exec chmod 775 -v {} \;
	find ${WP_ROOT}/wp-content -type f -exec chmod 664 -v {} \;