diff --git a/bin/v-change-db-password-to-all-wordpress b/bin/v-change-database-password-for-all-wordpress similarity index 93% rename from bin/v-change-db-password-to-all-wordpress rename to bin/v-change-database-password-for-all-wordpress index b31edb80..ad922cc2 100644 --- a/bin/v-change-db-password-to-all-wordpress +++ b/bin/v-change-database-password-for-all-wordpress @@ -26,7 +26,7 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do if [ -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then - /usr/local/vesta/bin/v-change-db-password-to-wordpress $domain + /usr/local/vesta/bin/v-change-database-password-for-wordpress $domain $user echo "--------------------------------" fi done diff --git a/bin/v-change-db-password-to-wordpress b/bin/v-change-database-password-for-wordpress similarity index 92% rename from bin/v-change-db-password-to-wordpress rename to bin/v-change-database-password-for-wordpress index d7ce1782..e318edde 100644 --- a/bin/v-change-db-password-to-wordpress +++ b/bin/v-change-database-password-for-wordpress @@ -1,8 +1,8 @@ #!/bin/bash -# info: change db password to wordpress database +# info: change database password for wordpress # options: # -# The command is used for changing db password to wordpress database. +# The command is used for changing database password for wordpress. #----------------------------------------------------------# @@ -21,7 +21,12 @@ source /etc/profile # Argument definition domain=$1 -user=$(/usr/local/vesta/bin/v-search-domain-owner $domain) +# Check if number of arguments is 2 +if [ $# -eq 2 ]; then + user=$2 +else + user=$(/usr/local/vesta/bin/v-search-domain-owner $domain) +fi USER=$user if [ -z "$user" ]; then diff --git a/bin/v-change-wp-admins-pass b/bin/v-change-wordpress-admins-pass similarity index 93% rename from bin/v-change-wp-admins-pass rename to bin/v-change-wordpress-admins-pass index 44870b58..9028cd10 100644 --- a/bin/v-change-wp-admins-pass +++ b/bin/v-change-wordpress-admins-pass @@ -59,14 +59,14 @@ echo "$ADMIN_LIST_CSV" | while IFS=',' read -r PID PLOGIN PEMAIL; do done echo -echo "For each admin choose: (d) delete, (c) change password, (s) skip." +echo "For each admin choose: (d) delete, (c) change password, (s) skip, (x) exit." # interactive loop -echo "$ADMIN_LIST_CSV" | while IFS=',' read -r ID LOGIN EMAIL; do +while IFS=',' read -r ID LOGIN EMAIL; do [ -n "$EMAIL" ] && TARGET="$LOGIN <$EMAIL>" || TARGET="$LOGIN" while true; do echo "-------------------------------------" - read -r -p "Action for \"$TARGET\" [d/c/s]? " ACT < /dev/tty + read -r -p "Action for \"$TARGET\" [d/c/s/x]? " ACT < /dev/tty case "$ACT" in [Dd]* ) read -r -p "Really DELETE \"$TARGET\" ? ('y' or ENTER for yes / 'n' for no) " CONF < /dev/tty @@ -109,15 +109,20 @@ echo "$ADMIN_LIST_CSV" | while IFS=',' read -r ID LOGIN EMAIL; do echo "Skipping $TARGET." break ;; - * ) echo "Please answer d, c, or s." ;; + [Xx]* ) + echo "Exiting." + exit 0 + ;; + * ) echo "Please answer d, c, s, or x." ;; esac done -done +done <<< "$ADMIN_LIST_CSV" #----------------------------------------------------------# # flush cache and refresh all security salts # #----------------------------------------------------------# +echo "-------------------------------------" echo echo "Flushing cache and refreshing salts..." @@ -129,4 +134,5 @@ echo "Cache flushed and salts refreshed." echo echo "Done." + exit 0 diff --git a/bin/v-desinfect-wp b/bin/v-desinfect-wordpress similarity index 77% rename from bin/v-desinfect-wp rename to bin/v-desinfect-wordpress index e1ddc65d..4de2f779 100644 --- a/bin/v-desinfect-wp +++ b/bin/v-desinfect-wordpress @@ -27,25 +27,15 @@ if [ -z "$user" ]; then exit 1 fi -# choose the correct admin-password script (with or without the ā€œsā€) -if [ -x /usr/local/vesta/bin/v-change-wp-admin-pass ]; then - admin_pass_script="/usr/local/vesta/bin/v-change-wp-admin-pass" -elif [ -x /usr/local/vesta/bin/v-change-wp-admins-pass ]; then - admin_pass_script="/usr/local/vesta/bin/v-change-wp-admins-pass" -else - admin_pass_script="" -fi - # absolute paths to maintenance scripts, in desired order declare -a tasks=( - "/usr/local/vesta/bin/v-change-db-password-to-wordpress" - "/usr/local/vesta/bin/v-fix-wp-core" + "/usr/local/vesta/bin/v-change-database-password-for-wordpress" + "/usr/local/vesta/bin/v-change-wordpress-admins-pass" + "/usr/local/vesta/bin/v-fix-wordpress-core" "/usr/local/vesta/bin/v-wf-malware-hyperscan-with-remediate" + "INTERACTIVE=1 /usr/local/vesta/bin/v-wf-malware-hyperscan-with-remediate" ) -# append the admin script if we found one -[ -n "$admin_pass_script" ] && tasks+=("$admin_pass_script") - # -------------------------------------------------------- # # execution strategy # # -------------------------------------------------------- # diff --git a/bin/v-fix-user-permissions b/bin/v-fix-user-permissions index e55b5e0f..991ada62 100644 --- a/bin/v-fix-user-permissions +++ b/bin/v-fix-user-permissions @@ -52,6 +52,7 @@ find /home/$user/conf/ -type d -exec chown root:root {} \; find /home/$user/web/*/public_html/ -type d -exec chmod 755 {} + find /home/$user/web/*/public_html/ -type f -exec chmod 644 {} + find /home/$user/web/*/public_html/ -exec chown $user:$user {} \; +find /home/$user/web/*/ -name "*.php" -type f -exec chmod 600 {} + echo "Done, permissions fixed for user: $user" diff --git a/bin/v-fix-website-permissions b/bin/v-fix-website-permissions index a63954eb..c79fe443 100644 --- a/bin/v-fix-website-permissions +++ b/bin/v-fix-website-permissions @@ -18,7 +18,13 @@ source /etc/profile # Argument definition domain=$1 -user=$(/usr/local/vesta/bin/v-search-domain-owner $domain) +# Check if number of arguments is 2 +if [ $# -eq 2 ]; then + user=$2 +else + user=$(/usr/local/vesta/bin/v-search-domain-owner $domain) +fi +USER=$user # Includes source /usr/local/vesta/func/main.sh @@ -27,8 +33,6 @@ if [ -z "$user" ]; then check_result $E_NOTEXIST "domain $domain doesn't exist" fi -USER=$user - #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# @@ -54,14 +58,28 @@ fi # Going to domain directory cd /home/$USER/web/$domain +# Ownership check +if [ -f "public_html/index.php" ]; then + owner=$(stat -c '%U' "public_html/index.php") + if [ "$owner" = "root" ] || [ "$owner" = "www-data" ]; then + echo "Skipping permission fix for $domain, because v-lock-wordpress is used (index.php is owned by $owner)" + exit 1 + fi +fi + + echo "Updating permissions for /home/$USER/web/$domain/public_html/" find public_html/ -type d -exec chmod 755 {} + find public_html/ -type f -exec chmod 644 {} + chown -R $USER:$USER public_html/ +# Setting chmod 600 for all php files +echo "= Setting chmod 600 for all php files" +find -name "*.php" -type f -exec chmod 600 {} + + #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# echo "Permissions for $domain have been successfully updated." -exit +exit 0 diff --git a/bin/v-fix-website-permissions-for-all-websites b/bin/v-fix-website-permissions-for-all-websites new file mode 100644 index 00000000..9b1501bd --- /dev/null +++ b/bin/v-fix-website-permissions-for-all-websites @@ -0,0 +1,41 @@ +#!/bin/bash +# info: fix website permissions for all websites +# options: +# +# The command is used for fixing website permissions for all websites on the server. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Importing system variables +source /etc/profile + +# Includes +source $VESTA/func/main.sh + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +for user in $(grep '@' /etc/passwd |cut -f1 -d:); do + if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then + continue; + fi + + for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do + /usr/local/vesta/bin/v-fix-website-permissions $domain $user + echo "--------------------------------" + done + +done + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-fix-wp-core b/bin/v-fix-wordpress-core similarity index 100% rename from bin/v-fix-wp-core rename to bin/v-fix-wordpress-core diff --git a/bin/v-unlock-wordpress b/bin/v-unlock-wordpress index 1e2cccc6..4a2c42c3 100644 --- a/bin/v-unlock-wordpress +++ b/bin/v-unlock-wordpress @@ -58,6 +58,8 @@ chown -R $user:$user public_html/ rm public_html/wp-content/uploads/.htaccess +/usr/local/vesta/bin/v-fix-website-permissions $domain + #----------------------------------------------------------# # Vesta # #----------------------------------------------------------#