Bash Automation (Automatic WordPress Repair)

  1. Home
  2. Labs
  3. Automation
  4. Bash Automation (Automatic WordPress Repair)
GUI Automation (Workstation Startup) Ansible Automation (System Updates) Bash Automation (Automatic WordPress Repair)

Problem: We have WordPress sites that get infected at work. Quite often, hackers attack the wp-admin and wp-includes folders. Furthermore, customers don't normally customize those folders. Sometimes, all that's needed is restoring those folders and removing infected plugins.

Solution: I wrote a one-liner that automates and assists in the repair. It automatically does the following:

  1. Checks what version of WordPress that they have.
  2. Notes the ticket number.
  3. Downloads a stock copy of that same version.
  4. Makes a backup of their wp-admin and wp-includes folders.
  5. Restores their wp-admin and wp-includes folders.
  6. Sets the appropriate permissions.
  7. Leaves a copy of the download in case any other files or folders need restoring.
  8. Gives you a cleanup command for when you're done.

Tools utilized for this project

  • bash
  • shell scripting

The one-liner

cPanel version

#Replace core files, download and restore a fresh core from WordPress.org
LWWPFIXUSER=;LWWPFIXWPINSTALL=;LWWPFIXTICKET=;cd /home/$LWWPFIXUSER/public_html/$LWWPFIXWPINSTALL;LWWPFIXVER=$(grep wp_version wp-includes/version.php | tail -1 | sed 's/ //g' | sed 's/$wp_version=//g' | sed "s/'//g" | sed 's/;//g');mkdir wp-core-lw-wpfix;cd wp-core-lw-wpfix;LWWPFIXDLFILE="WordPress-";LWWPFIXDLFILE+=$LWWPFIXVER;LWWPFIXDLFILE+=".tar.gz";LWWPFIXURL="https://WordPress.org/";LWWPFIXURL+=$LWWPFIXDLFILE;wget $LWWPFIXURL;tar -xzvf $LWWPFIXDLFILE;cd ..;find wp-core-lw-wpfix -type d -exec chmod 755 {} \;;find wp-core-lw-wpfix -type f -exec chmod 644 {} \;;LWWPFIXOWNER=`ls -ld wp-includes | cut --delimiter=" " --fields="3"`;LWWPFIXGROUP=`ls -ld wp-includes | cut --delimiter=" " --fields="4"`;chown -R $LWWPFIXOWNER:$LWWPFIXGROUP wp-core-lw-wpfix;mv wp-includes wp-includes-lw-suspected-"$LWWPFIXTICKET";mv wp-core-lw-wpfix/WordPress/wp-includes wp-includes;mv wp-admin wp-admin-lw-suspected-"$LWWPFIXTICKET";mv wp-core-lw-wpfix/WordPress/wp-admin wp-admin;echo "ls -rf "$PWD"/wp-core-lw-wpfix"

Plesk version

#Replace core files, download and restore a fresh core from WordPress.org
LWWPFIXUSER=;LWWPFIXWPINSTALL=;LWWPFIXTICKET=;cd /var/www/vhosts/$LWWPFIXUSER/httpdocs/$LWWPFIXWPINSTALL;LWWPFIXVER=$(grep wp_version wp-includes/version.php | tail -1 | sed 's/ //g' | sed 's/$wp_version=//g' | sed "s/'//g" | sed 's/;//g');mkdir wp-core-lw-wpfix;cd wp-core-lw-wpfix;LWWPFIXDLFILE="WordPress-";LWWPFIXDLFILE+=$LWWPFIXVER;LWWPFIXDLFILE+=".tar.gz";LWWPFIXURL="https://WordPress.org/";LWWPFIXURL+=$LWWPFIXDLFILE;wget $LWWPFIXURL;tar -xzvf $LWWPFIXDLFILE;cd ..;find wp-core-lw-wpfix -type d -exec chmod 755 {} \;;find wp-core-lw-wpfix -type f -exec chmod 644 {} \;;LWWPFIXOWNER=`ls -ld wp-includes | cut --delimiter=" " --fields="3"`;LWWPFIXGROUP=`ls -ld wp-includes | cut --delimiter=" " --fields="4"`;chown -R $LWWPFIXOWNER:$LWWPFIXGROUP wp-core-lw-wpfix;mv wp-includes wp-includes-lw-suspected-"$LWWPFIXTICKET";mv wp-core-lw-wpfix/WordPress/wp-includes wp-includes;mv wp-admin wp-admin-lw-suspected-"$LWWPFIXTICKET";mv wp-core-lw-wpfix/WordPress/wp-admin wp-admin;echo "ls -rf "$PWD"/wp-core-lw-wpfix"

Setup

  1. Change to the document root of the website.
  2. Set LWWPFIXUSER to the cPanel or Plesk user.
  3. Set LWWPFIXWPINSTALL to the document root of the website.
  4. Set LWWPFIXTICKET to the ticket number.

Run the one-liner