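#!/bin/bash
# WordPress hardening script for non-membership blogs without
# password-protected pages. It stops wp-login.php and xmlrpc.php from
# executing by prepending a PHP guard line that ends the request immediately.
#
# How to log in afterwards: copy the original wp-login.php to a random
# filename, replace the references to "wp-login.php" inside that copy with the
# new filename, and use the copy to log in to WordPress.
#
# Operational notes:
#   - WordPress core updates typically replace wp-login.php and xmlrpc.php,
#     which removes the guard. Run this script on a schedule (e.g. cron) so
#     the guard is re-applied; it is safe to run repeatedly.
#   - The renamed login copy is not refreshed by core updates; recreate it
#     after updating. A hidden login URL only cuts automated noise and does
#     not replace strong credentials.
#   - The log file lives under BASE_WPS_PATH, i.e. inside the web root. Deny
#     HTTP access to it at the web server, since it lists file system paths.
#   - Requires GNU sed (-i and "\n" in the replacement). sed -i rewrites the
#     file, so run this as the account that owns the WordPress files.

set -u

BASE_WPS_PATH="/home/user/public_html" # base path of the hosting account
WP_DIRS=(site1 site2 site3)            # directory names of the WP installations
WPS_LOG_FILE="wps_hardening.log"       # log filename, created under BASE_WPS_PATH

# Guard that must be the very first line of a protected file.
readonly GUARD_LINE='<?php die(); ?>'
# Entry points to disable in every installation.
readonly -a GUARDED_FILES=(wp-login.php xmlrpc.php)
# Every log entry of a run goes to this one file.
readonly LOG_PATH="$BASE_WPS_PATH/$WPS_LOG_FILE"

# One timestamp per run, shared by all log entries. The "Z" is a literal
# character kept so existing log lines stay comparable; the time itself is
# local time followed by the numeric UTC offset (%z), not UTC.
DATE=$(date +%Y-%m-%dT%TZ%z)

#######################################
# Append one timestamped entry to the log.
# Globals:   DATE (read), LOG_PATH (read)
# Arguments: $1 - message text
#######################################
log_line() {
  printf '%s %s\n' "$DATE" "$1" >>"$LOG_PATH"
}

#######################################
# Make sure a PHP file starts with the guard line.
# Globals:   GUARD_LINE (read)
# Arguments: $1 - full path of the file to protect
# Returns:   0 if the file is absent, already guarded or newly guarded;
#            1 if the guard could not be written or verified.
#######################################
protect_file() {
  local target=$1
  local first_line=""

  # An installation may not ship this file; nothing to do then.
  if [[ ! -f "$target" ]]; then
    return 0
  fi

  # Only a guard on line 1 stops execution, so check that line specifically
  # rather than searching the whole file.
  IFS= read -r first_line <"$target" || true
  if [[ "$first_line" == "$GUARD_LINE" ]]; then
    return 0
  fi

  # The sed replacement text must stay identical to GUARD_LINE. Log success
  # only after re-reading the file, so the log never claims protection that
  # was not applied (read-only file, empty file, non-GNU sed).
  first_line=""
  if sed -i '1s/^/<?php die(); ?>\n/' -- "$target" &&
    IFS= read -r first_line <"$target" &&
    [[ "$first_line" == "$GUARD_LINE" ]]; then
    log_line "Protected $target"
    return 0
  fi

  log_line "FAILED to protect $target"
  printf 'wps: could not protect %s\n' "$target" >&2
  return 1
}

if [[ ! -d "$BASE_WPS_PATH" ]]; then
  printf 'wps: base path %s does not exist\n' "$BASE_WPS_PATH" >&2
  exit 1
fi

status=0
log_line "Protection check started..."

for WP_DIR_PATH in "${WP_DIRS[@]}"; do
  for guarded_name in "${GUARDED_FILES[@]}"; do
    protect_file "$BASE_WPS_PATH/$WP_DIR_PATH/$guarded_name" || status=1
  done
done

log_line "Protection check finished."
printf '%s\n' "- - - - - - -" >>"$LOG_PATH"

# Non-zero exit lets cron or a monitoring wrapper notice an unprotected file.
exit "$status"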