Archive

Archive for April, 2009

WordPress Security – Locking Down Permissions on WordPress Files

April 20th, 2009 No comments

Many WordPress administrators use the popular WordPress security plugin “WP Security Scan”. In doing so you get a new administrative link at the bottom of your WordPress Dashboard labeled “Security”. If you drill down into this menu, Dashboard>Security>Scanner, the WP Security Scan plugin will check your WordPress file and directory permissions and give their recommendations. If you have a number of WordPress web sites this can become a chore to change manually.

Here is a little script to do that for you. It is self explanatory and can be ran even if your not using the WP Security Scan plugin.

Here is the script:

#!/bin/bash

# Secures the WordPress directory.
# Must be ran from the WordPress root directory.
# examples – wordpresschmod.sh html or wordpresschmod.sh blog

if [ $# -ne 1 ]; then
echo
echo “Usage $0
echo “Example $0 html or $0 blog”
echo
exit 1;
fi

DIR=$1
echo
echo “chmod -R 755 $DIR”
echo
chmod -R 755 $DIR
echo
echo “chmod 644 $DIR/.htaccess”
echo
chmod 644 $DIR/.htaccess
echo
echo “chmod 644 $DIR/wp-admin/index.php”
echo
chmod 644 $DIR/wp-admin/index.php
echo
echo “File Permission Security Changes Complete”
echo

exit 0;