wpmod is a simple tool written in Go that sets WordPress' file and
directory permissions to the ones recommended by the WordPress core
team.
The tool also improves permissions for the wp-config.php file and the
/mu-plugins/ directory if --strict is used; testing is recommended.
I got tired of seeing plugins and users changing permissions and breaking everything, so I wrote this as a solution. Set it to run every N hours with a cron job and you should be good to go.
First install the dependencies:
- Go 1.21 or above.
- make.
- scdoc.
Then compile and install:
make
sudo make install$ wpmod --help
NAME:
wpmod - harden WordPress' file permissions
USAGE:
wpmod [global options] [arguments...]
VERSION:
0.1.0
GLOBAL OPTIONS:
--path value, -p value path to the WordPress installation
--user value, -u value user for file ownership
--group value, -g value group for file ownership
--strict, -s enable strict file permission mode (default: false)
--help, -h show help
--version, -v print the versionSee wpmod(1) after installing for more information.
Anyone can help make wpmod better. Send patches on the mailing
list and report bugs
on the issue tracker.
You must sign-off your work using git commit --signoff. Follow the
Linux kernel developer's certificate of
origin
for more details.
All contributions are made under the GPL-2.0 license.
The following resources are available:
- Support and general discussions.
- Patches and development related questions.
- Instructions on how to prepare patches.
- Feature requests and bug reports.
Released under the GPL-2.0 license.