Secure Wordpress Installations Server-wide (cPanel/WHM)

It has been known that whenever some hacker/intruder gets access to one account on cPanel Server, he tries to gain access to all sites hosted on the server. Most common method is to scan the CMS configuration files which are present on the server. For example hacker scans the wp-config.php files and symlinks these files to view the db information.

This can be avoided to keep the permissions of config files so that other linux users are not able to access it.

Here is the command which will scan all wp-config.php files on server and changes permissions to 0600.

find /home/*/public_html -name "wp-config.php" -type f -exec chmod -v 0600 {} \;


Was this article helpful?

mood_bad Dislike 0
mood Like 0
visibility Views: 173