How to automatically set File System Permissions for a WordPress Web Server with a BASH Script

How to automatically set File System Permissions for a WordPress Web Server with a BASH Script

Everyone who wants to make his WordPress web site more secure should definitely spend at least one hour of his life reading the Hardening WordPress chapter of the WP official guide: this is an extremely long list of security countermeasures that any good Webmaster should implement (or ask its System Administrator to implement) not only to strengthen his WordPress installation, yet also to increase his overall knowledge of the WP platform.

In this post we’ll deal with one of the most important aspects of that chapter: File Permissions. Choosing those guidelines will grealy reduce the chances for our web site to get hacked, because we will prevent our attackers from the chance to “accidentally” download some reserved file, execute a script or even inject some pesky commands using a zero-day exploit.

Manually set these permissions can be troublesome, expecially on Linux, where most GUI interfaces don’t allow to do that in a structured way. At the same time, doing it manually will also be highly unefficient, other than prone to human error: there’s simply no chace that we won’t risk to lose something – be it a file or an entire folder – here and there, expecially if we do have a lot of WP plugins, media files, themes, skins and disk data of any sort.

In an attempt to ease up such task we came out with this bash script that can be used to automatically set the required amount of permissions throughout the whole WordPress-based website. Cut the content, then paste it to a new file, save it as   in a folder of your choice (such as   ) and execute it in the following way:

By using this script anyone will be able to perform the proper amount of ACL changes in few seconds: on top of that, he will be able to repeat the exact same task to any other website, thus ensuring that every one of them will adopt the same permission set.

Without further ado, here’s the script:

Feel free to change it to better suit your specific scenario.

To execute it, write the following:

The script will need some minutes to do the job: have patience and let it finish.

That’s about it, at least for now: enjoy your server!

 

RELATED POSTS

About Ryan

IT Project Manager, Web Interface Architect and Lead Developer for many high-traffic web sites & services hosted in Italy and Europe. Since 2010 it's also a lead designer for many App and games for Android, iOS and Windows Phone mobile devices for a number of italian companies.

View all posts by Ryan