iAugur/fpd.sh

## fpd.sh
#!/bin/bash
#
# Lock down a Drupal site's file permissions
#
# I have adapted this from Vivek Gite
# Adapted to add Drupal specific: www-data (apache users) to own
# default/files and settings.php and have rights to write to files
#
#
# Vivek Gite: Header
# Purpose: Set correct webserver files and dir permissions Author: Vivek
# Gite < vivek@nixcraft.com > This script is released under GPL version
# 2.0 or above Set root permission as follows for the Apache / Lighttpd
# / Nginx DocumentRoot + Dirs/Subdirs: read-only and execute to others +
# Files: read-only permission Tested on Debian Linux v3/4/5/6 and RHEL
# v2/3/4/5/6
#
#
#
## -------------------------------------------------------------------------------------------------
_dir="${1:-.}"
_fperm="0644"
_dperm="0755"
_ugperm="<youruser>:<yourgroup>"
_wsperm="www-data:www-data"
_chmod="chmod"
_chown="chown"
_find="find"
_xargs="xargs"
# drupal specific files
_wsfperm="0644"
_wsfilesdir="$_dir/sites/default/files"
_wsrfperm="0440"
_settingsfile="$_dir/sites/default/settings.php"

echo "I will change the file permission for webserver dir and files to restrictive read-only mode for \"$_dir\""
read -p "Your current dir is ${PWD}. Are you sure (y / n) ?" ans

if [ "$ans" == "y" ]
then
  echo "Changing file ownership to $_ugperm for $_dir..."
  $_chown -R "${_ugperm}" "$_dir"

  echo "Setting $_fperm permission for $_dir directory...."
  $_chmod -R "${_fperm}" "$_dir"

  echo "Setting Drupal Files $_wsperm permission for $_wsfilesdir directory...."
  $_chmod -R "${_wsfperm}" "${_wsfilesdir}"
  $_chown -R "${_wsperm}" "${_wsfilesdir}"
  echo "Setting Drupal Settings File $_wsfperm permission for $_settingsfile file...."
  $_chown -R "${_wsperm}" "${_settingsfile}"
  $_chmod -R "${_wsrfperm}" "${_settingsfile}"

  echo "Setting $_dperm permission for $_dir directory...."
  $_find "$_dir" -type d -print0 | $_xargs -0 -I {} $_chmod $_dperm {}
fi
	#!/bin/bash
	#
	# Lock down a Drupal site's file permissions
	#
	# I have adapted this from Vivek Gite
	# Adapted to add Drupal specific: www-data (apache users) to own
	# default/files and settings.php and have rights to write to files
	#
	#
	# Vivek Gite: Header
	# Purpose: Set correct webserver files and dir permissions Author: Vivek
	# Gite < vivek@nixcraft.com > This script is released under GPL version
	# 2.0 or above Set root permission as follows for the Apache / Lighttpd
	# / Nginx DocumentRoot + Dirs/Subdirs: read-only and execute to others +
	# Files: read-only permission Tested on Debian Linux v3/4/5/6 and RHEL
	# v2/3/4/5/6
	#
	#
	#
	## -------------------------------------------------------------------------------------------------
	_dir="${1:-.}"
	_fperm="0644"
	_dperm="0755"
	_ugperm="<youruser>:<yourgroup>"
	_wsperm="www-data:www-data"
	_chmod="chmod"
	_chown="chown"
	_find="find"
	_xargs="xargs"
	# drupal specific files
	_wsfperm="0644"
	_wsfilesdir="$_dir/sites/default/files"
	_wsrfperm="0440"
	_settingsfile="$_dir/sites/default/settings.php"

	echo "I will change the file permission for webserver dir and files to restrictive read-only mode for \"$_dir\""
	read -p "Your current dir is ${PWD}. Are you sure (y / n) ?" ans

	if [ "$ans" == "y" ]
	then
	echo "Changing file ownership to $_ugperm for $_dir..."
	$_chown -R "${_ugperm}" "$_dir"

	echo "Setting $_fperm permission for $_dir directory...."
	$_chmod -R "${_fperm}" "$_dir"

	echo "Setting Drupal Files $_wsperm permission for $_wsfilesdir directory...."
	$_chmod -R "${_wsfperm}" "${_wsfilesdir}"
	$_chown -R "${_wsperm}" "${_wsfilesdir}"
	echo "Setting Drupal Settings File $_wsfperm permission for $_settingsfile file...."
	$_chown -R "${_wsperm}" "${_settingsfile}"
	$_chmod -R "${_wsrfperm}" "${_settingsfile}"

	echo "Setting $_dperm permission for $_dir directory...."
	$_find "$_dir" -type d -print0 \| $_xargs -0 -I {} $_chmod $_dperm {}
	fi