Skip to content

fix(clone): Prevents overwriting wp-config.php when cloning a remote site with a custom public directory #462

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rodrigo-gpereira wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

fix(clone): Prevents overwriting wp-config.php when cloning a remote site with a custom public directory #462

rodrigo-gpereira wants to merge 1 commit into from

Conversation

@rodrigo-gpereira
Copy link

@rodrigo-gpereira rodrigo-gpereira commented Nov 16, 2025
edited
Loading

This change fixes a bug in the copy_site_files() function where the wp-config.php file from the remote site was copied and overwritten the local wp-config.php file when the remote site had a custom public directory.

Evidence:

sudo ee site clone root@192.168.100.20:custom-public.local .

Checking access to both sites
Creating site. This may take a while...
Syncing files
Syncing database
Exporting database from source
Copying database to destination
Importing database in destination
Error: Error while executing clone-import-db. closure: Unable to import database on destination. Please check for file system permissions and disk space.
Cleanup export file from source and destination
Success: Site cloned successfully.
You have to do these additional configurations manually (if required):
1. Update wp-config.php.
2. Add alias domains.

Problem.

The code only had --exclude '/wp-config.php' (in the root)
When the remote site had a custom source_public_path (e.g., /current/web), wp-config.php was located in /current/wp-config.php
Since the exclusion only covered the root (/wp-config.php), rsync copied wp-config.php from the remote site, overwriting the local database settings and preventing synchronization from occurring correctly.

Solution.

With the code update, it's possible to clone WordPress sites from remote servers with a customized public directory.

sudo ee site clone root@192.168.100.20:custom-public.local .

Checking access to both sites
Creating site. This may take a while...
Syncing files
Syncing database
Exporting database from source
Copying database to destination
Importing database in destination
Executing search-replace
Cleanup export file from source and destination
+--------------------+-------------------------------------------+
| Site               | http://custom-public.local                |
+--------------------+-------------------------------------------+
| Site Root          | /opt/easyengine/sites/custom-public.local |
+--------------------+-------------------------------------------+
| Site Title         | custom-public.local                       |
+--------------------+-------------------------------------------+
| WordPress Username | wp-user-o42y                              |
+--------------------+-------------------------------------------+
| WordPress Password | wV0zQVq9Z3Jdgt2yA5                        |
+--------------------+-------------------------------------------+
| Alias Domains      | None                                      |
+--------------------+-------------------------------------------+
| DB Host            | global-db                                 |
+--------------------+-------------------------------------------+
| DB Name            | custom_public_local                       |
+--------------------+-------------------------------------------+
| DB User            | custom-public.local-kvkz6a                |
+--------------------+-------------------------------------------+
| DB Password        | OhkHGKQH3nGYIBJggN                        |
+--------------------+-------------------------------------------+
| E-Mail             | admin@custom-public.local                 |
+--------------------+-------------------------------------------+
| SSL                | Not Enabled                               |
+--------------------+-------------------------------------------+
| Cache              | None                                      |
+--------------------+-------------------------------------------+
| Proxy Cache        | Off                                       |
+--------------------+-------------------------------------------+
Success: Site cloned successfully.
You have to do these additional configurations manually (if required):
1. Update wp-config.php.
2. Add alias domains.

Note: Since the synchronize command uses the same function, the correction covers synchronization from the remote server.

Fixes #463

@rodrigo-gpereira
fix(clone): Prevents overwriting wp-config.php when cloning a remote …
7709c4f 
…site with a custom public directory

This change fixes a bug in the copy_site_files() function where the wp-config.php file from the remote site was copied and overwritten the local wp-config.php file when the remote site had a custom public directory.
@mrrobot47 mrrobot47 requested a review from Copilot December 8, 2025 04:11
Copilot AI reviewed Dec 8, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes a bug in the copy_site_files() function where wp-config.php from a remote site with a custom public directory was incorrectly copied and overwrote the local wp-config.php file during cloning operations.

Key Changes

  • Adds exclusion logic for wp-config.php in custom public directories and their parent directories
  • Updates uploads path handling to use source-specific and destination-specific path variables
  • Fixes exclusion pattern for uploads to use the correct source-relative path
Comments suppressed due to low confidence (1)

src/clone/clone-utils.php:166

  • The construction of the rsync command here interpolates values derived from site_container_fs_path (e.g. destination_public_path, source_public_path/source_uploads_path) directly into the $exclude string, which is then passed as part of a full shell command to EE::exec via rsync_command. Because these values ultimately come from ee site info JSON on the remote host and are not re-escaped (e.g. with escapeshellarg), a compromised or malicious remote site can set site_container_fs_path (or site_fs_path) to include shell metacharacters and achieve command injection on the local host when cloning/syncing (e.g. via a crafted path that injects ; rm -rf /). To fix this, ensure all path components used in $exclude, $source_dir, and $destination_dir are strictly validated on read and passed through escapeshellarg, or refactor rsync_command/EE::exec to avoid shell parsing by passing arguments as an array to the underlying process launcher.
	$source_public_path      = str_replace( '/var/www/htdocs', '', $source->site_details['site_container_fs_path'] );
	$destination_public_path = str_replace( '/var/www/htdocs', '', $destination->site_details['site_container_fs_path'] );

	$exclude = '--exclude \'/wp-config.php\'';

	if ( ! empty( $destination_public_path ) ) {
		$exclude .= ' --exclude \'' . $destination_public_path . '/wp-config.php\'';

		$parent_dir = dirname( $destination_public_path );
		if ( $parent_dir !== '.' && $parent_dir !== '/' ) {
			$exclude .= ' --exclude \'' . $parent_dir . '/wp-config.php\'';
		}
	}

	$source_uploads_path      = $source_public_path . '/wp-content/uploads';
	$destination_uploads_path = $destination_public_path . '/wp-content/uploads';
	$uploads_path_share       = '/shared/wp-content/uploads';

	$source_dir      = remove_trailing_slash( $source->get_site_root_dir() );
	$destination_dir = remove_trailing_slash( $destination->get_site_root_dir() );

	if ( $sync_type['uploads'] && ! $sync_type['files'] ) {
		$source_dir      .= $source_uploads_path;
		$destination_dir .= $destination_uploads_path;
	}

	if ( $sync_type['files'] && ! $sync_type['uploads'] ) {
		$exclude .= ' --exclude \'' . $source_uploads_path . '\'';
		$exclude .= ' --exclude \'' . $uploads_path_share . '\'';
	}

	$rsync_command = rsync_command( trailingslashit( $source_dir ), trailingslashit( $destination_dir ), [ $exclude ] );

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

src/clone/clone-utils.php
Comment on lines +140 to +147
if ( ! empty( $destination_public_path ) ) {
$exclude .= ' --exclude \'' . $destination_public_path . '/wp-config.php\'';

$parent_dir = dirname( $destination_public_path );
if ( $parent_dir !== '.' && $parent_dir !== '/' ) {
$exclude .= ' --exclude \'' . $parent_dir . '/wp-config.php\'';
}
}
Copy link

Copilot AI Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The wp-config.php exclusion logic is using $destination_public_path but rsync --exclude patterns are relative to the source directory, not the destination. This should use $source_public_path instead to correctly exclude wp-config.php from the source site's custom public directory.

For example, if the source has a custom public path like /current/web, the exclusion should be --exclude '/current/wp-config.php' (based on source), not based on the destination path.

Notice that line 162 correctly uses $source_uploads_path for excluding uploads, following the same pattern.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Error cloning or synchronizing website from a remote server.

1 participant

@rodrigo-gpereira