njpanderson/fix-wordpress-permissions.sh

## fix-wordpress-permissions.sh
#!/bin/bash
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Original Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
# Edited By: Neil Anderson <njp.anderson [at] icloud [dot] com>
#
# This script is provided AS-IS and no warranty is implied. You use this file
# AT YOUR OWN RISK and I cannot be held responsible if it damages, corrupts,
# deletes or otherwise compromises your server or the filesystem within it.
# Please exersize caution when running shell scripts as they may contain
# potentially destructive commands, and ONLY run them if you are confident in
# their contents and intended purpose.
if [ $# -eq 0 ]; then
	echo "./wordpress-permissions.sh [ftp-user] [/path/to/wordpress/root]"
	exit 1
fi

WP_OWNER=$1 # <-- ftp owner
WP_GROUP=$1 # <-- ftp group
WP_ROOT=$2 # <-- wordpress root directory
WS_GROUP=www-data # <-- webserver group

# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;

# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php

# allow wordpress to manage wp-content
chgrp ${WS_GROUP} ${WP_ROOT}/wp-content

# allow wordpress to manage wp-content contents (except themes and plugins)
find ${WP_ROOT}/wp-content \( -path ${WP_ROOT}/wp-content/themes -o -path ${WP_ROOT}/wp-content/plugins \) -prune -o -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content \( -path ${WP_ROOT}/wp-content/themes -o -path ${WP_ROOT}/wp-content/plugins \) -prune -o -type d  -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content \( -path ${WP_ROOT}/wp-content/themes -o -path ${WP_ROOT}/wp-content/plugins \) -prune -o -type f -exec chmod 775 {} \;
	#!/bin/bash
	#
	# This script configures WordPress file permissions based on recommendations
	# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
	#
	# Original Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
	# Edited By: Neil Anderson <njp.anderson [at] icloud [dot] com>
	#
	# This script is provided AS-IS and no warranty is implied. You use this file
	# AT YOUR OWN RISK and I cannot be held responsible if it damages, corrupts,
	# deletes or otherwise compromises your server or the filesystem within it.
	# Please exersize caution when running shell scripts as they may contain
	# potentially destructive commands, and ONLY run them if you are confident in
	# their contents and intended purpose.
	if [ $# -eq 0 ]; then
	echo "./wordpress-permissions.sh [ftp-user] [/path/to/wordpress/root]"
	exit 1
	fi

	WP_OWNER=$1 # <-- ftp owner
	WP_GROUP=$1 # <-- ftp group
	WP_ROOT=$2 # <-- wordpress root directory
	WS_GROUP=www-data # <-- webserver group

	# reset to safe defaults
	find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
	find ${WP_ROOT} -type d -exec chmod 755 {} \;
	find ${WP_ROOT} -type f -exec chmod 644 {} \;

	# allow wordpress to manage wp-config.php (but prevent world access)
	chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
	chmod 660 ${WP_ROOT}/wp-config.php

	# allow wordpress to manage wp-content
	chgrp ${WS_GROUP} ${WP_ROOT}/wp-content

	# allow wordpress to manage wp-content contents (except themes and plugins)
	find ${WP_ROOT}/wp-content \( -path ${WP_ROOT}/wp-content/themes -o -path ${WP_ROOT}/wp-content/plugins \) -prune -o -exec chgrp ${WS_GROUP} {} \;
	find ${WP_ROOT}/wp-content \( -path ${WP_ROOT}/wp-content/themes -o -path ${WP_ROOT}/wp-content/plugins \) -prune -o -type d -exec chmod 775 {} \;
	find ${WP_ROOT}/wp-content \( -path ${WP_ROOT}/wp-content/themes -o -path ${WP_ROOT}/wp-content/plugins \) -prune -o -type f -exec chmod 775 {} \;