Managing Permissions

Sometimes you need to make sure that the permissions for web accessible directories are correct (especially were recently asked to review a rather large existing website for security flaws). As a general rule of thumb it is safe for directories to be 755 and files to be 644. There are some easy ways to do this.

The easiest way to change permissions in bulk is the recursive chmod:

chmod -R 755 /directory

Unfortunately this has its own issues in that this will change everything, it doesn’t make it easy to have directories and files have different permissions. My fix for this is a few simple commands.

To set files below your current directory:
find . -type f -exec chmod 644 {} \;

To set directories below your current directory:
find . -type d -exec chmod 755 {} \;

Sometimes this blanket statement isn’t enough. For instance this will pretty much only work for static html website since no files will be executable. If you run these two commands on a website running something that needs to be executable (PHP or some form of CGI for example).
find . -type f -name \*.php -exec chmod 755 {} \;

Easy Recursive Find and Replace Using find and sed

When working with websites (especially when moving them from one server to another) you sometimes need to edit either all or at least many of the files that make up the site to change paths or connection strings (this is generally only a problem if the site is coded poorly and doesn’t allow for these to be set in a single file!).  Sometimes this action can require manually opening hundreds of files and looking for the lines that need to be edited.  This article is a brief tutorial which can save you hundreds of hours.

Changing database server hostnames/usernames/passwords etc.:

find . -type f -exec sed -i~ s/old text/new text/g {} \;

Sometimes you don’t need to replace part of a line, lets say you need to remove lines, maybe you about to hand over a perl powered website to somebody you really dont like and you want to remove all of your code comments!

find -type f -exec sed -i '/string/d' {} \;

Also, if your string contains the / character you will either need to use a different delimiter for sed or escape the character with \ when it appears in the string. For example to remove single line php comments:

find -type f -exec sed -i '/\/\//d' {} \;

or

find -type f -exec sed -i '_//_d' {} \;

As always, if you have any questions or even suggestions about this article drop me a line in the comments!

Quicker WordPress Install

I was creating a new installation of WordPress today for development area of a new website and while I was setting up the site the thought came to me about how much I absolutely HATE having to download the zip then unzip and upload the file contents to a server that I don’t have SSH access to. After a couple of seconds of thought I decided to hash out this script that downloads the latest zip, unzips it, moves the content of the WordPress folder (which will be there by default) to the folder where you placed the file then redirects to index.php so you immediately start the install!

<?php
system (‘wget http://wordpress.org/latest.zip/’);
system (‘unzip latest.zip’);
system (‘mv wordpress/* ./’);
system (‘rm -rf wordpress’);
system (‘rm latest.php installer.php’);
?>
<html>
<head>
<meta http-equiv=”refresh” content=”0;url=index.php”>
</head>
<body>
</body>
</html>

I’m sure there are ways to improve this but I figured I would put this rough copy on out there. Of course as you can tell since this passes rm to system() it only works on Linux.