Essentially, the method will cause your WordPress files to become frozen, making it impossible for malware to modify them. Still, at the same time, it will allow uploading images in the gallery.
Notice: before locking, make sure to clean malware files and malware lines of code as much as possible.
Use this method to find freshly uploaded or modified php files (that are probably uploaded/modified by malware).
To lock your WordPress, in your SSH, as root, do the following:
Code: Select all
v-lock-wordpress yourdomain.com
If you don't clean up all infected files before locking, a hacker can theoretically still modify posts in the database, injecting HTML code that loads malicious javascript from another server.
When sometime in the future you want to update your WordPress, you will have to first unlock your website by running the following command:
Code: Select all
v-unlock-wordpress yourdomain.com
The following is a further explanation of the "lockdown" method:
Our script does the following to prevent PHP-FPM from editing/adding any files:
Code: Select all
chmod -R 0755 public_html/
chown -R www-data:www-data public_html/
Additionally, for the following folders :
- wp-content/uploads/
- wp-content/cache/
Code: Select all
chmod -R 0755
chown -R currentUser:currentUser
- it will add a .htaccess file to prevent the execution of .php files inside those folders.
Additionally, the script checks and corrects file and folder permissions:
Code: Select all
find public_html/ -type d -exec chmod 755 {} +
find public_html/ -type f -exec chmod 644 {} +