Die for wp-login and xmlrpc

1. #!/bin/bash
2.  
3. # WordPress Security hardener script for non-membership blogs w/o password protected pages. Prevent execution of wp-login.php and xmlrpc.php
4. # How to login? Simply copy original wp-login.php to random filename, rename wp-login.php to new filename inside and use it to login to WP
5.  
6. BASE_WPS_PATH="/home/user/public_html" # define base account PATH
7. WP_DIRS=(site1 site2 site3) # enter directory names for WP installations
8. WPS_LOG_FILE="wps_hardening.log" # log filename
9.  
10. DATE=$( date +%Y-%m-%dT%TZ%z )
11. echo "$DATE Protection check started..." >>"$BASE_WPS_PATH/wpl_guardian.log"
12.  
13. for WP_DIR_PATH in ${WP_DIRS[@]}
14. do
15.  
16.     # WP-LOGIN
17.     # Define full file path to protect
18.     FILE_PATH="$BASE_WPS_PATH/$WP_DIR_PATH/wp-login.php"
19.  
20.     # Check does file exists
21.     if [ -f "$FILE_PATH" ]; then
22.         # Check if file does not have protection
23.         if ! grep -Fxq '<?php die(); ?>' $FILE_PATH
24.             then
25.                 # Log protection action
26.                 echo "$DATE Protected $FILE_PATH" >>"$BASE_WPS_PATH/$WPS_LOG_FILE"
27.                 # Now protect file
28.                 sed -i '1s/^/<?php die(); ?>\n/' $FILE_PATH
29.         fi
30.     fi
31.  
32.     # XML-RPC
33.     # Define full file path to protect
34.     FILE_PATH="$BASE_WPS_PATH/$WP_DIR_PATH/xmlrpc.php"
35.  
36.     # Check does file exists
37.     if [ -f "$FILE_PATH" ]; then
38.         # Check if file does not have protection
39.         if ! grep -Fxq '<?php die(); ?>' $FILE_PATH
40.             then
41.                 # Log protection action
42.                 echo "$DATE Protected $FILE_PATH" >>"$BASE_WPS_PATH/$WPS_LOG_FILE"
43.                 # Now protect file
44.                 sed -i '1s/^/<?php die(); ?>\n/' $FILE_PATH
45.         fi
46.     fi
47.  
48. done
49.  
50. echo "$DATE Protection check finished." >>"$BASE_WPS_PATH/$WPS_LOG_FILE"
51. echo "- - - - - - -" >>"$BASE_WPS_PATH/$WPS_LOG_FILE"