From 85d377192a33a21c4329fb0bfb600c913d044f44 Mon Sep 17 00:00:00 2001
From: xZero707 <xzero@elite7hackers.net>
Date: Fri, 21 Jan 2022 20:11:38 +0100
Subject: [PATCH] Make wp-admin/update-core.php read-only

It has been reportedly replaced with original file by some security plugins.
---
 rootfs/etc/cont-init.d/10-init-wordpress | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/rootfs/etc/cont-init.d/10-init-wordpress b/rootfs/etc/cont-init.d/10-init-wordpress
index 8f1ef7d..a107b85 100644
--- a/rootfs/etc/cont-init.d/10-init-wordpress
+++ b/rootfs/etc/cont-init.d/10-init-wordpress
@@ -13,6 +13,8 @@ function disableUpdatesPatch() {
   if [ "${DISABLE_WP_UPDATES}" != "false" ]; then
     echo "> Disabling WordPress updates..."
     patch /var/www/html/wp-admin/update-core.php </etc/wp-mods/wp-admin-update-core.patch
+    echo "> Making the patched file read-only..."
+    chmod 0440 /var/www/html/wp-admin/update-core.php
   fi
 }