Skip to content

Instantly share code, notes, and snippets.

@milanchymcak

milanchymcak/wp-permissions-crontab.md

Last active May 29, 2022 22:48
Show Gist options
  • Save milanchymcak/55ce9cb92d6b2e1aa156f0fac63bd90d to your computer and use it in GitHub Desktop.
Save milanchymcak/55ce9cb92d6b2e1aa156f0fac63bd90d to your computer and use it in GitHub Desktop.
Download ZIP
WordPress Permissions - Crontab to keep your WP directory secure
Raw
wp-permissions-crontab.md

Add using crontab -e

Replace /var/www/<domain> with the actual path to your WordPress directory

644 permissions for all files

# All files in our WordPress directory should have 644 permissions rw-r--r--
0 0 * * 0 find /var/www/<domain> -type f ! -perm  644 -exec chmod 644 {} \; >/dev/null 2>&1

750 permissions for all sub-directories

Some plugins or themes can require 755 in /wp-content/* They will generally notify you about this.

# All subdirectories in our WordPress directory should have 750 permissions rw-rrwxr-xr-xr--
0 0 * * 0 find /var/www/<domain> -type d ! -perm  750 -exec chmod 750 {} \; >/dev/null 2>&1

440 permissions for wp-config

# WP config file should be hardened to 440 permissions -r--r-----
# It should be 440 or 400 to prevent other users on the server from reading it.
0 0 * * * chmod -R 440 /var/www/<domain>/public_html/wp-config.php >/dev/null 2>&1

444 permissions for index.php in public_html folder

# 444 for the index.php is for higher security -r--r--r-- 
0 0 * * * chmod -R 444 /var/www/<domain>/public_html/index.php >/dev/null 2>&1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment