Last active
July 5, 2017 15:14
-
-
Save jult/6458c4af0ca8bce5de08 to your computer and use it in GitHub Desktop.
wordpress permissions hell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| WP_OWNER=lamedude # <-- wordpress owner (usually also ftp-username) | |
| WP_GROUP=psaserv # <-- wordpress group | |
| WP_ROOT=/var/www/vhosts/somesite.tld/httpdocs # <-- wordpress root directory, note it's the docroot here, not wp default | |
| WS_GROUP=psacln # <-- webserver group | |
| # reset to safe defaults | |
| find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \; | |
| find ${WP_ROOT} -type d -exec chmod 2755 {} \; | |
| find ${WP_ROOT} -type f -exec chmod 644 {} \; | |
| # allow wordpress to manage wp-config.php (but still prevent world access) | |
| chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php | |
| chmod 660 ${WP_ROOT}/wp-config.php | |
| # if not there, allow wordpress to manage .htaccess, better to move this into apache/nginx config and disable htaccess allowances | |
| touch ${WP_ROOT}/.htaccess | |
| chgrp ${WS_GROUP} ${WP_ROOT}/.htaccess | |
| chmod 664 ${WP_ROOT}/.htaccess | |
| # make sure wordpress can manage wp-content | |
| find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \; | |
| find ${WP_ROOT}/wp-content -type d -exec chmod 2775 {} \; | |
| find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \; | |
| # config SElinux the right way; | |
| chmod 775 ${WP_ROOT} | |
| chcon -R -t httpd_sys_content_rw_t ${WP_ROOT} | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment