Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save marcuspaget/2da4b6c2b20f895ae71f3c435100cb39 to your computer and use it in GitHub Desktop.
Save marcuspaget/2da4b6c2b20f895ae71f3c435100cb39 to your computer and use it in GitHub Desktop.
Fix wordpress file permissions
#!/bin/bash
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
#
# - Mark: Added checking for root user and passing a directory name
[ `id -u` -eq 0 ] || {
echo "`id -u` not zero i.e. root"
exit 1
}
[ $# -ne 1 ] && {
echo "Usage: $0 wordpress-root"
echo "Example: $0 /var/www/wordpress"
exit 1
}
WP_OWNER=www-data # <-- wordpress owner
WP_GROUP=www-data # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=www-data # <-- webserver group
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;
@marcuspaget
Copy link
Author

marcuspaget commented Mar 13, 2019

@Adirael proposed few changes to capture running as root and ensuring passing a directory to fix-wordpress-permissions.sh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment