A secure database backup solution with multiple layers of protection and access controls.
- 🔒 Secure Access Controls
- WordPress authentication required
- Nonce-protected URLs
- Secret key authorization
- User capability checks
- 🛡️ Security Measures
- .htaccess protection for backups
- File permission hardening
- Path traversal prevention
- SQL injection protection
- 💾 Backup Features
- GZIP compressed backups
- Chunked data processing for large tables
- Automatic directory creation
- Downloadable backup files
- Download the plugin ZIP file
- Go to Plugins > Add New in WordPress admin
- Click Upload Plugin and select the ZIP file
- Activate the plugin through the Plugins menu
- Go to Settings > General
- Find the Secure Backup Settings section
- Copy the generated backup URL (bookmark this - it will only show once)
- Optional: Add IP whitelisting in plugin code
-
Access Backup URL
- Use the generated URL while logged in as admin
- Backup will automatically download as
.sql.gzfile
-
Backup Storage
- Backups are stored in
/wp-content/backups/ - Protected by
.htaccessrules - Files automatically deleted after 30 days
- Backups are stored in
-
🔑 Secret Key Management
- Regenerate secret key periodically
- Never share backup URLs
- Use HTTPS exclusively
-
🛡️ Server Configuration
- Implement IP whitelisting
- Set up rate limiting
- Monitor backup directory access
-
🔄 Maintenance
- Test backups regularly
- Keep plugin updated
- Review access logs
Common Issues:
- 403 Forbidden: Verify user permissions and secret key
- Directory creation failed: Check wp-content permissions (0750+)
- Empty backups: Ensure database user has SELECT privileges
- Timeout errors: Increase PHP max_execution_time
Always test backups in a staging environment before relying on them for production use. The developers are not responsible for any data loss.
1.0.0 (2025-02-18)
- Initial release with core backup functionality
- Security layers implementation
- WordPress settings integration