Sysop:Wordpress

• http://wordpress.org

Mass Install/Upgrade WordPress with Gentoo+Webapp_config

• http://fucoder.com/2007/03/mass-wordpress-upgrade/

Scripts for a WordPress Weblog Farm

• http://climbtothestars.org/archives/2004/09/02/scripts-for-a-wordpress-weblog-farm/

Example script:

#!/bin/bash
# Wordpress mass upgrade script
# by immerda project group 
# admin(at)immerda.ch
# script unter GPLv3

home_dir=foobar1
backup_dir=foobar2
latest=`ls /usr/share/webapps/wordpress/ | tail`
for dir in [ "blog1" "blog2" "blogX" ]
do
    if [ -f $home_dir/$dir/www/.webapp-wordpress-* ]
    then
        cp -a $home_dir/$dir $backup_dir
        sitename=`basename $dir`
        webapp-config -U -h $sitename -d / wordpress $latest
        curl http://$sitename/wp-admin/upgrade.php?step=1 > /dev/null
        CONFIG_PROTECT="$home_dir/$dir/www/" etc-update
    fi
done

Mod_Security

sysop:Mod_Security can be used to take attackers and spammers away.

An additional rule set you can find on gotroot:

• http://www.gotroot.com/downloads/ftp/mod_security/2.0/apache2/blacklist.conf

There is also a paper which describes how to install mod_security for wordpress:

• http://blogsecurity.net/wordpress/modsecurity-and-wordpress-defense-in-depth/

mod_security problem

• http://www.murderthoughts.com/2006/06/10/wordpress-and-mod_security/

If you’re getting an apache error that says “You don’t have permission to access /wp-admin/options.php on this server.”, this is most likely your problem.

The solution is to add this to your exclusions.conf file:

<LocationMatch "/wp-admin/options.php">
      SecFilterRemove 300015
</LocationMatch>