urosevic

Die for wp-login and xmlrpc

Oct 18th, 2017
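  #!/bin/bash

  # WordPress hardening script for non-membership blogs without
  # password-protected pages. It prepends '<?php die(); ?>' as the first line of
  # wp-login.php and xmlrpc.php, so a request to either file stops before any
  # WordPress code runs.
  #
  # How to log in afterwards: copy the original wp-login.php to a random
  # filename, replace the wp-login.php references inside the copy with the new
  # filename, and use that copy to log in to WP.
  #
  # Things to keep in mind:
  #  - The renamed copy is still a complete login endpoint. It is hidden, not
  #    protected, so strong passwords and login rate limiting still matter.
  #  - A WordPress core update replaces wp-login.php and xmlrpc.php, which drops
  #    the guard line until this script runs again. Run it on a schedule.
  #  - With xmlrpc.php stopped, clients that talk to the site over XML-RPC stop
  #    working as well.
  #
  # Requires GNU sed (in-place editing and '\n' in the replacement text).

  BASE_WPS_PATH="/home/user/public_html" # define base account PATH
  WP_DIRS=(site1 site2 site3) # enter directory names for WP installations
  WPS_LOG_FILE="wps_hardening.log" # log filename

  # Line that must be the first line of every protected file.
  GUARD_LINE='<?php die(); ?>'

  # All messages go to one log file, including the "started" line.
  LOG_PATH="$BASE_WPS_PATH/$WPS_LOG_FILE"

  # One timestamp per run, so every line of a run can be grouped together.
  # NOTE: the format prints a literal "Z" directly before the numeric UTC offset
  # while the time itself is local; it is kept unchanged so that old and new log
  # lines stay comparable.
  DATE=$(date +%Y-%m-%dT%TZ%z)

  # Non-zero when at least one file could not be protected.
  STATUS=0

  #######################################
  # Append one line to the log file.
  # Globals:   LOG_PATH (read)
  # Arguments: $1 - text to log
  #######################################
  log_line() {
    printf '%s\n' "$1" >>"$LOG_PATH"
  }

  #######################################
  # Tell whether a file already starts with the guard line.
  # Only the first line counts: the guard stops execution only when PHP reaches
  # it before the rest of the file.
  # Globals:   GUARD_LINE (read)
  # Arguments: $1 - path of the file to inspect
  # Returns:   0 when the first line is the guard line, 1 otherwise
  #######################################
  is_guarded() {
    local first_line=
    IFS= read -r first_line <"$1"
    [[ "$first_line" == "$GUARD_LINE" ]]
  }

  #######################################
  # Insert the guard line at the top of a file unless it is already there.
  # "Protected" is logged only after the guard has been read back from the
  # file, so the log never claims protection that was not applied (sed failure,
  # read-only file, empty file).
  # Globals:   DATE (read), STATUS (written)
  # Arguments: $1 - full path of the file to protect
  #######################################
  protect_file() {
    local file_path=$1

    # Nothing to do when the site does not ship this file.
    [[ -f "$file_path" ]] || return 0

    # Already protected by an earlier run.
    if is_guarded "$file_path"; then
      return 0
    fi

    sed -i '1s/^/<?php die(); ?>\n/' -- "$file_path"

    if is_guarded "$file_path"; then
      log_line "$DATE Protected $file_path"
    else
      log_line "$DATE FAILED to protect $file_path"
      STATUS=1
    fi
  }

  # Without the base directory neither the log nor any site can be reached.
  if [[ ! -d "$BASE_WPS_PATH" ]]; then
    printf 'Base path not found: %s\n' "$BASE_WPS_PATH" >&2
    exit 1
  fi

  log_line "$DATE Protection check started..."

  for WP_DIR_PATH in "${WP_DIRS[@]}"; do
    for TARGET_FILE in wp-login.php xmlrpc.php; do
      protect_file "$BASE_WPS_PATH/$WP_DIR_PATH/$TARGET_FILE"
    done
  done

  log_line "$DATE Protection check finished."
  log_line "- - - - - - -"

  # A non-zero exit lets cron or a monitoring job notice an unprotected file.
  exit "$STATUS"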