A simple script to secure wordpress installations

gnux_wp-security-hammer.sh

#!/bin/sh 

set -u
set -e 

echo "WP Security Hammer v0.1"
echo "======================="
echo "Target directory: $TARGET"
echo "Looking for files leading to information disclosure..."
while read -r FILE ; do 
 if [ -f "$TARGET/$FILE" ]; then
    echo "* Removing $FILE !"
    rm -f "$TARGET/$FILE"
  fi
done << MARK
phpinfo.php
wp-admin/install.php
wp-admin/upgrade.php
wp-content/themes/axa/config.rb
wp-content/themes/axa/go%20compass.bat
license.txt
wp-content/plugins/regenerate-thumbnails/readme.txt
wp-content/plugins/wordpress-seo/readme.txt
wp-content/plugins/multiple-post-thumbnails/readme.txt
wp-content/plugins/better-wp-security/readme.txt
wp-content/plugins/wordfence/readme.txt
wp-content/plugins/tinymce-advanced/readme.txt
wp-content/plugins/duplicate-post/readme.txt
wp-content/plugins/advanced-custom-fields/readme.txt
wp-content/plugins/search-everything/readme.txt
wp-content/plugins/acf-repeater/readme.txt
wp-content/plugins/post-types-order/readme.txt
wp-content/plugins/better-wp-security/history.txt
wp-content/plugins/better-wp-security/lib/icon-fonts/history.txt
wp-content/plugins/better-wp-security/core/history.txt
wp-content/plugins/wordpress-seo/license.txt
wp-content/plugins/wordpress-seo/changelog.txt
MARK
echo "Done."


echo "Setting right permissions on files & directories."
while read -r PERM FILE; do 
  if [ -e "$TARGET/$FILE" ]; then
    echo "* Setting permissions to $PERM on $FILE !"
    chmod "$PERM" "$TARGET/$FILE"
  fi
done << MARK
0755 .
0755 wp-includes
0755 wp-admin
0755 wp-admin/js
0755 wp-content
0755 wp-content/themes
0755 wp-content/plugins
0755 wp-content/uploads
0444 wp-config.php
0444 .htaccess
0444 wp-admin/.htaccess
MARK
echo "Done."

exit 0