0

I'm running into security issues with multiple Wordpress websites, and I need to recursively change the ownership (and permissions) for folder "wp-content" (and whatever is inside them).

I need to find all the folders named wp-content (there are several) and change them and all their contents so that they're owned by nginx:nginx with permissions 755 for folders and 644 for files.

I can't figure out a way to find those folders and then change the ownership.

Any clues? :/

Improve this question
0

3 Answers 3

Reset to default
2

You could use GNU find and GNU xargs to search for the wp-content directories and pass the result NUL-terminated to a shell script:

find /path/to/directory -type d -name 'wp-content' -print0 | xargs -0 sh -c '
  for dir; do
    # change user and group recursively to nginx
    chown -R nginx:nginx "$dir"

    # change dirs to 755
    find "$dir" -type d -exec chmod 755 {} +

    # change files to 644
    find "$dir" -type f -exec chmod 644 {} +
  done
' sh

Alternatively, you could save the script part in a shell script myscript.sh:

#!/bin/sh

for dir; do
  # change user and group recursively to nginx
  chown -R nginx:nginx "$dir"

  # change dirs to 755
  find "$dir" -type d -exec chmod 755 {} +

  # change files to 644
  find "$dir" -type f -exec chmod 644 {} +
done

Then make the shell script executable with

chmod +x myscript.sh

and run find (not necessarily the GNU implementation) using the -exec action and pass the result to the script:

find /path/to/directory -type d -name 'wp-content' -exec ./myscript.sh {} +
Improve this answer
2
  • 1
    GNU's -print0 | xargs -0 sh -c '...' sh could be replaced with the standard -exec sh -c '...' {} + here. You'd probably want to make it -prune -exec ... as there's no point looking for more wp-content dirs inside the wp-content ones. Commented Jul 2, 2020 at 11:07
  • You can also use chmod u=rwX,g=rX,o=rX to cover both directory and regular files in the same chmod invocation (still can't use chmod -R though if you don't want to change the permissions of files that are neither regular nor directory). Commented Jul 2, 2020 at 11:11
0

You could do something like:

LC_ALL=C find . '(' -name wp-content -type d -o \
                    -path '*/wp-content/*' '(' -type d -o -type f ')' \
                ')' -exec chown nginx:nginx {} + \
                    -exec chmod u=rwX,g=rX,o=rX {} +

That way, you're crawling the directory only once and running as few invocations of chown and chmod as necessary and only changing the ownership/permissions of directory and regular files (excluding symlinks, devices, fifos...).

With some find implementations, you can simplify '(' -type d -o -type f ')' to -type f,d.

Improve this answer
0

It can be done using below command as well.

find some-folder-path -type d -name wp-content -exec chown new-user:new-group {} \;

The above command will change ownership and group of all folders having name wp-content.

find some-folder-path -type d -exec chmod 755 {} \;
find some-folder-path -type f -exec chmod 644 {} \;

The above command will change permission of files to 644 and of folders to 755.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.