davesmithhayes.com

Software, audio, and other musings.

Update WordPress on a Cron

June 24, 2016

I like to be safe. Especially with a platform that has a history of bad security. Granted, the more I use WordPress and work with it, the more I realize its just a lack of understanding that creates vulnerabilities in WordPress installations.

A big one a lot of novice developers get themselves into is running $ chmod -R 777 wp-content so that they can install themes and update the WordPress platform from WordPress. The problem is that the last 7 in that mode will give read/write/execute access to any user on the system – even the one that runs Apache2 (or NGiNX).

So below is a small script I wrote, and introduced to the cron table to run every Friday around 5pm UTC+2 (my server, this one, is in the Netherlands, however I am here in Southern Ontario, UTC-4).

#!/usr/bin/env bash

# Grab the latest WordPress installation
wget -P /tmp/ https://wordpress.org/latest.tar.gz -q

# Untar the newest version
tar -zxvf /tmp/latest.tar.gz --directory /home/dave/ > /dev/null 2>&1

# Give it back to Dave
chown -R dave.dave /home/dave/wordpress

Because the cron is always run as root, or nobody, its necessary to give me access back to the files in WordPress. Of course if you want to use this script, change the directories listed to wherever your WordPress installation is located (such as /var/www).

I put the script into /usr/local/bin as update_wordpress and thenI added it to my crontable:

$ sudo crontab -e

(within the editor that opened the cron table):

* 17 * * 5 update_wordpress

So now I have automated updating WordPress and that’s just the way I like it.

To Top