#!/bin/bash## You will need pwgen in order for this to workecho "Enter your

1. #!/bin/bash
2.  
3. ## You will need pwgen in order for this to work
4.  
5. echo "Enter your webroot directory"
6. webrootdir=/home/admin/web/
7. echo "For example where domain names and public html directories are located, like here: $webrootdir: "
8. read webrootdir;
9. leftovers=no
10. echo "Check for leftovers only? (yes/no) - default $leftovers"
11. read leftovers;
12.  
13. echo "Spammers";
14. grep cwd /var/log/exim/main.log | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n
15.  
16. for domaindir in $(ls $webrootdir)
17. do
18. webdir="$webrootdir$domaindir/public_html";
19. echo $webdir;
20. cd $webdir;
21. if [ "$leftovers" = "no" ]
22. then
23. multisite=$(grep "'MULTISITE'" wp-config.php | cut -d',' -f2 | sed -r "s/[\'\)\;]+//g" | sed 's/\s//g');
24. dbname=$(grep "DB_NAME" wp-config.php | cut -d',' -f2 | sed -r "s/['\)\;]+//g" | sed 's/\s//g');
25. dbuser=$(grep "DB_USER" wp-config.php | cut -d',' -f2 | sed -r "s/[\'\)\;]+//g" | sed 's/\s//g');
26. dbprefix=$(grep "\$table_prefix" wp-config.php | cut -d'=' -f2 | sed -r "s/[\'\)\;\"]+//g" | sed 's/\s//g');
27. type pwgen > /dev/null 2>&1 || { sudo yum install pwgen; }
28. dbpass=$(pwgen -ysBv 15 1);
29.  
30. echo "Database name: $dbname";
31. echo "Database user: $dbuser";
32. echo "Database password: $dbpass";
33.  
34. sudo /usr/local/vesta/bin/v-change-database-password admin $dbname $dbpass
35. if [ "$multisite" = "true" ]
36. then
37. domain=$(grep "DOMAIN_CURRENT_SITE" wp-config.php | cut -d',' -f2 | sed -r "s/[\'\)\;]+//g" | sed 's/\s//g');
38. fi
39.  
40. mv wp-content/ ..;
41. for uploadsdir in $(ls ../wp-content/uploads/)
42. do
43.  
44. if [[ "$uploadsdir" =~ ^[0-9]+$ ]]
45. then
46. find ../wp-content/uploads/$uploadsdir -type f -name "*.php" -o -name "*.js" -o -name "*.phtml" -exec rm -rf {} \; -print
47. fi
48.  
49. if [[ "$uploadsdir" = "sites" ]]
50. then
51. for sitesdir in $(ls ../wp-content/uploads/$uploadsdir/)
52. do
53. for sitedatedir in $(ls ../wp-content/uploads/$uploadsdir/$sitesdir/)
54. do
55. if [[ "$sitedatedir" =~ ^[0-9]+$ ]]
56. then
57. find ../wp-content/uploads/$uploadsdir/$sitesdir/$sitedatedir -type f -name "*.php" -o -name "*.js" -o -name "*.phtml" -exec rm -rf {} \; -print
58. fi
59. done
60. done
61. fi
62. done
63. rm -rf *;
64. rm -rf .htaccess;
65. rm -rf .ftpquota;
66. rm -rf .user.ini;
67. wp core download;
68. rm -rf wp-content;
69. mv ../wp-content .;
70. if [ "$multisite" = "true" ]
71. then
72. wp config create --dbprefix=$dbprefix --dbname=$dbname --dbuser=$dbuser --dbpass=$dbpass --force --extra-php << PHP
73. define('WP_MEMORY_LIMIT', '256M');
74. define('WP_MAX_MEMORY_LIMIT', '512M');
75. define( 'SUNRISE', 'on' );
76. define( 'WP_ALLOW_MULTISITE', true );
77. define( 'MULTISITE', true );
78. define( 'SUBDOMAIN_INSTALL', false );
79. define( 'DOMAIN_CURRENT_SITE', '$domain' );
80. define( 'PATH_CURRENT_SITE', '/' );
81. define( 'SITE_ID_CURRENT_SITE', 1 );
82. define( 'BLOG_ID_CURRENT_SITE', 1 );
83. PHP
84. else
85. wp config create --dbprefix=$dbprefix --dbname=$dbname --dbuser=$dbuser --dbpass=$dbpass --force --extra-php << PHP
86. define('WP_MEMORY_LIMIT', '256M');
87. define('WP_MAX_MEMORY_LIMIT', '512M');
88. PHP
89. fi
90. wp theme install $(wp theme list --field=name) --force;
91. if wp tgmpa-plugin info &> /dev/null; then
92. wp tgmpa-plugin install --all --force
93. fi
94. wp plugin install $(wp plugin list --field=name) --force;
95. fi
96. wp plugin update-all
97. wp theme update-all
98.  
99. echo "Not cleaned recently modified files";
100. find . -mtime -2 -ls;
101. echo "Base 64 encryption using files";
102. grep -ril base64 *;
103. echo "Probably infected leftovers"
104. find wp-content/uploads/ -type f -not -name "*.jpg" -not -name "*.png" -not -name "*.gif" -not -name "*.jpeg"
105. done