Set folder to readonly mode in Linux

Very often, when website is hacked – we do clean it for customer, because we do not want to have hacked content on our servers. In most cases we do it for free.

After website has been cleaned – in order to stop it from being hacked again – we set it into readonly mode (just a web folder, as mail should still be working). It is very effective and gives customers option to decide – when and how they are going to upgrade their scripts.

Here are basic command, that we use:

# set current folder into readonly
chattr +i .
# set current and all subfolders into readonly mode (recommended!)
find . -type d -exec chattr +i {} \;

When you need to change it back to write-mode, run same command, but instead of “+i” – use “-i”.