Fix WordPress File Permission

permissions.sh

#!/bin/bash -ex
#
# configures wordpress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# script is aware of .git directories by default. edit if you need to consider
# other folders as well.
#
# you will find a log file in /tmp/ in case you fucked up.

WP_OWNER=www-data # <-- wordpress owner
WP_GROUP=www-data # <-- wordpress group
WP_ROOT=$(pwd) # <-- wordpress root directory / run from root or edit
WS_GROUP=www-data # <-- webserver group
LOG=`mktemp "${TMPDIR:-/tmp}"/permissions.XXXXXXXXXX` # create log

# reset to safe defaults
find ${WP_ROOT} -not -iwholename '*.git*' -exec chown -v ${WP_OWNER}:${WP_GROUP} {} \; >> $LOG
find ${WP_ROOT} -not -iwholename '*.git*' -type d -exec chmod -v 755 {} \; >> $LOG
find ${WP_ROOT} -not -iwholename '*.git*' -type f -exec chmod -v 644 {} \; >> $LOG

# allow wordpress to manage wp-config.php (but prevent world access)
chgrp -v ${WS_GROUP} ${WP_ROOT}/wp-config.php >> $LOG
chmod -v 660 ${WP_ROOT}/wp-config.php >> $LOG

# allow wordpress to manage .htaccess
touch ${WP_ROOT}/.htaccess 
chgrp -v ${WS_GROUP} ${WP_ROOT}/.htaccess >> $LOG
chmod -v 664 ${WP_ROOT}/.htaccess >> $LOG

# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp -v ${WS_GROUP} {} \; >> $LOG
find ${WP_ROOT}/wp-content -type d -exec chmod -v 775 {} \; >> $LOG
find ${WP_ROOT}/wp-content -type f -exec chmod -v 664 {} \; >> $LOG

wget -O - https://gist.githubusercontent.com/icetee/d79c93b79cdde9255d7b8787615facf8/raw/permissions.sh | sudo sh