ReadOnlyDriveFix

In the latest package update of Madara (v. 1.7.4.1), we have included a small add-on call OptionTree Lean. We recommend all users to use this plugin to enhance your Madara site’s security. How to do it?

  • Once you have configured your site using the original OptionTree (Theme Options) plugin, install the OptionTree Lean plugin, then disable the original OptionTree.
  • Now the Theme Options page will be disabled, ie. you cannot modify the settings. But all the settings you have configured are read-able.
  • If you want to configure your site again, just activate the original OptionTree plugin again

So the main purpose of the OptionTree Lean add-on is to make your Theme Option read-only, to prevent any possible exploitation.

One extra step to secure all your WordPress files from modification is to make them Read-Only. To do that, use your SSH terminal, connect to your site and run these commands

cd [root-www-dir]
chattr -R +i public_html
cd public_html
chattr -R -i wp-content/plugins/madara-core/extract
chattr -R -i wp-content/uploads

where [root-www-dir] is often /var/www/ , the root folder of your site folder.

Read more about security enhancement here: https://mangabooth.com/secure-your-wordpress-site-and-clean-a-hijacked-site/

SHARE THIS POST

Leave a Reply

Your email address will not be published. Required fields are marked *

*

4 × 2 =