github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 18:49:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Lock WordPress files if they are potentially infected

Browse source
This commit is contained in:
myvesta 2023-01-19 17:55:44 +01:00 committed by GitHub
commit efc2be9f71
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 70 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

70
bin/v-lock-wordpress Normal file
View file

@ -0,0 +1,70 @@
#!/bin/bash
# info: Lock WordPress files if they are potentially infected (somewhere) by PHP malware, in order to stop further infection
# options: DOMAIN
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
whoami=$(whoami)
if [ "$whoami" != "root" ]; then
echo "You must be root to execute this script"
exit 1
fi
# Argument definition
domain=$1
user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
if [ -z "$user" ]; then
check_result $E_NOTEXIST "domain $domain doesn't exist"
fi
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'DOMAIN'
is_format_valid 'domain'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
if [ ! -d "/home/$user" ]; then
echo "User doesn't exist";
exit 1;
fi
if [ ! -d "/home/$user/web/$domain/public_html" ]; then
echo "Domain doesn't exist";
exit 1;
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
cd /home/$user/web/$domain/public_html
# lock files
chown -R www-data:www-data public_html/
# unlock /wp-content/uploads/ for uploading
chown -R $user:$user public_html/wp-content/uploads/
# block .php execution inside /wp-content/uploads/
cat <<EOF >public_html/wp-content/uploads/.htaccess
RewriteEngine on
RewriteRule ^.*\.(?:php[1-6]?|pht|phtml?)$ - [NC,F]
EOF
chown root:root public_html/wp-content/uploads/.htaccess
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
echo "v-lock-wordpress: Done."
log_event "$OK" "$ARGUMENTS"
exit