There is no plug ins in WordPress to bulk fix your permissions. That is why this little script was made. The trick is you have to run it from the root of the server which in most cases your hosting company has to do.
It’s really easy to run and 100% safe.
Here is how:
1. Download the script anywhere on the server
2. Run the script from the same folder it’s downloaded
This will fix one account
sh ./fixperms.sh -a username
This will fix all accounts
sh ./fixperms.sh -all
That’s it, enjoy!
CryptPHP PHP malware has a become a nightmare for WordPress owners. Hacking millions of websites with it and getting web hosts listed in CBL effecting other web hosting accounts that did nothing wrong. It’s a vicious loop unfortunately that blacklists like CBL and Sorbs don’t care about using scrutiny or rational. Their philosophy is to just block everything if there is an issue despite websites being blocked that did nothing wrong. Hopefully someday blacklist will focus on the domains that cause issues not the IPs. That way good sites will not blocked for doing nothing wrong. Most IP people and the net know that Sorbs blocks million of good websites with no regard, I was chocked though to see CBL jump on the same list of block first ask later.
Anyways… to find the CryptPHP hack A.K.A. social.png hack. You need to run search command from root on your server.
This will find it:
for r in `locate social | grep png`; do file $r; done | grep PHP
But removing it will not fix the issue, if it’s on the site than the site has been hacked and needs to be removed. The only things that can be salvaged is the images and databases.
Here is a little information on having your WordPress Hacked
To compress a file or folder with tar run this:
tar -cvf archive-name.tar directory_name
To extract a file or folder with tar run this:
tar -xvf archive-name.tar
If you want to change the language the user root uses by command in Centos you need to run this:
This is for English if you want another language you need to change this to your language; en_GB
Some scripts like WordPress and Joomla can leave a big error_log files that no one will ever look at. Try opening a 30mb log file with Word and see what happens. In most cases you can just remove this file with a simple command.
To remove all error_log files for CPanel accounts that are live use:
find /home/ -type f -name error_log -delete
To remove all error_log files from backups use:
find /backup/ -type f -name error_log -delete
This will take a while to complete because it will look through every file, it also runs pretty smooth so just sit back and let it work it’s magic.
If a customer happens to delete their emails you can still retrieve them from the cpanel backup system. This will take root access to move the files from the backup folder tot he customers account.
You can extract a backup archive and copy over the emails to an account’s existing mail directory. If restoring a backup archive, you will find emails located at:
You can also find emails from the default account within:
The following thread is intended for manual migrations to cPanel, but it includes details about the maildir structure that will be useful to you:
Manual Migrations to cPanel