~jamesponddotco/wpmod

WordPress file permissions hardening tool written in Go.
~jamesponddotco/wpmod-devel

New mailing list added

7 months ago
~jamesponddotco/wpmod-discuss

New mailing list added

7 months ago

#wpmod

wpmod is a simple tool written in Go that sets WordPress' file and directory permissions to the ones recommended by the WordPress core team. The tool also improves permissions for the wp-config.php file and the /mu-plugins/ directory if --strict is used; testing is recommended.

I got tired of seeing plugins and users changing permissions and breaking everything, so I wrote this as a solution. Set it to run every N hours with a cron job and you should be good to go.

#Installation

#From source

First install the dependencies:

  • Go 1.21 or above.
  • make.
  • scdoc.

Then compile and install:

make
sudo make install

#Usage

$ wpmod --help
NAME:
   wpmod - harden WordPress' file permissions

USAGE:
   wpmod [global options] [arguments...]

VERSION:
   0.1.0

GLOBAL OPTIONS:
   --path value, -p value   path to the WordPress installation
   --user value, -u value   user for file ownership
   --group value, -g value  group for file ownership
   --strict, -s             enable strict file permission mode (default: false)
   --help, -h               show help
   --version, -v            print the version

See wpmod(1) after installing for more information.

#Contributing

Anyone can help make wpmod better. Send patches on the mailing list and report bugs on the issue tracker.

You must sign-off your work using git commit --signoff. Follow the Linux kernel developer's certificate of origin for more details.

All contributions are made under the GPL-2.0 license.

#Resources

The following resources are available:


Released under the GPL-2.0 license.