#!/bin/bashtest -e /tmp/found-wp-instances || find /home/ -type f -name "wp-lo

1. #!/bin/bash
2.  
3. test -e /tmp/found-wp-instances || find /home/ -type f -name "wp-login.php" > /tmp/found-wp-instances
4.  
5. time while read -r wp; do
6. #Set variables
7. user=$(echo "$wp"|cut -d/ -f3)
8. domain=$(echo "$wp"|cut -d/ -f5)
9. wp_htaccess=${wp//wp-login.php/.htaccess}
10. wp_htpasswd=${wp//wp-login.php/.htpasswd}
11. password=$(openssl rand -base64 12)
12.  
13. #Generate htpassword file
14. echo "Securing $domain"
15. if [ -f "$wp_htpasswd" ]; then
16. htpasswd -b "$wp_htpasswd" "$user" "$password"
17. else
18. htpasswd -bc "$wp_htpasswd" "$user" "$password"
19. fi
20.  
21. #Append directives to htaccess file
22. cat <<- HTACCESS >> "$wp_htaccess"
23. <FilesMatch "wp-login.php">
24. AuthType Basic
25. AuthName "Secure Area"
26. AuthUserFile "$wp_htpasswd"
27. require valid-user
28. </FilesMatch>
29. HTACCESS
30.  
31. #Add details to password list
32. echo "$domain $user $password" >> /root/wp-pass-list
33.  
34. done < /tmp/found-wp-instances