#!/bin/bash # # wordpress-tools # https://git.stack-source.com/msb/wordpress-tools # Copyright (c) 2022 Matthew Saunders Brown \ # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) if [ "${EUID}" -ne 0 ]; then echo "You must be root to run this installer." exit fi if [ ! -f "/usr/local/bin/vhost.sh" ]; then echo "NOTICE: This package requires that Vhost Stack is installed first." echo "https://git.stack-source.com/msb/vhost-stack" exit 1 fi # download & install wp-cli curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar mv wp-cli.phar /usr/local/bin/wp chmod +x /usr/local/bin/wp # configure wp-cli bash completion cp etc/bash_completion.d/wp-cli /etc/bash_completion.d/ chmod 644 /etc/bash_completion.d/wp-cli # install wp user scripts cp local/bin/wp-* /usr/local/bin chmod 755 /usr/local/bin/wp-* # install & enable wp systemd cron cp local/sbin/wp-cron.sh /usr/local/sbin/ chmod 755 /usr/local/sbin/wp-cron.sh if [[ ! -d /usr/local/lib/systemd/system ]]; then mkdir -p /usr/local/lib/systemd/system fi cp local/systemd/wp-cron.* /usr/local/lib/systemd/system/ chmod 644 /usr/local/lib/systemd/system/wp-cron.* systemctl enable wp-cron.timer systemctl start wp-cron.timer # enable wp-security, restricts access to wordpress directories cp etc/apache2/conf-available/wp-security.conf /etc/apache2/conf-available/wp-security.conf chmod 644 /etc/apache2/conf-available/wp-security.conf a2enconf wp-security systemctl reload apache2 # fail2ban wordpress configs if [[ -d /etc/fail2ban/ ]]; then chmod 644 etc/fail2ban/filter.d/* cp -a etc/fail2ban/filter.d/* /etc/fail2ban/filter.d/ chmod 644 etc/fail2ban/jail.d/* cp -a etc/fail2ban/jail.d/* /etc/fail2ban/jail.d/ systemctl restart fail2ban else echo "Fail2ban not installed, skipping fail2ban wordpress configs." fi