WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] DB Backup folder visible to the public (36 posts)

  1. paulacooney
    Member
    Posted 5 years ago #

    I just upgraded to 2.8. Before I did so I was prompted to do a backup and so installed the DB Backup plugin and backed up. Now there is a big bold messsage in wp-admin saying:

    Your backup folder MIGHT be visible to the public

    To correct this issue, move the .htaccess file from wp-content/plugins/wp-dbmanager to /home/websitename/public_html/wp-content/backup-db

    The problem is I'm not sure where to find the file or how to move it. Do I do this inside wp-admin somewhere or do I use my ftp program to view the files on the server and then somehow move it?

    As you can see I'm a raw newbie

    Thanks for the help

  2. MichaelH
    Member
    Posted 5 years ago #

    The wp-dbmanager folder (likely in your wp-content/plugins folder) has a file called htaccess.txt

    1. Use FTP and download that file to your local computer
    2. Then still using FTP upload that file to the /home/websitename/public_html/wp-content/backup-db folder and rename the file .htaccess

    Related:
    Uploading WordPress to a remote host

  3. naijaecash
    Member
    Posted 5 years ago #

    Thanks for the information. I was missing the part of renaming the htaccess.txt to .htaccess

    You just saved me some serious headache. :-)

  4. paulacooney
    Member
    Posted 5 years ago #

    Thanks so much.........awesome........ easy to follow instructions

  5. The Lucky Ladybug
    Member
    Posted 5 years ago #

    This topic is NOT RESOLVED! I've been getting the same message since the upgrade too -- and it's driving me nuts.

    Your backup folder MIGHT be visible to the public

    To correct this issue, move the .htaccess file from wp-content/plugins/wp-dbmanager to /home/**********/public_html/wp-content/backup-db

    I've checked and double-checked and there IS NO SUCH file in the plugin folder. I searched .htaccess to find the file locations and it's definitely not there.

    But I keep getting this annoying message on every admin page. I really like this plugin, but it seems that the only way to turn off the false message is to deactivate it.

  6. Lester Chan
    Member
    Posted 5 years ago #

    I realized WordPress Plugins SVN automatic exclude my .htaccess file from the zip file.

    http://lesterchan.net/wordpress/readme/wp-dbmanager.html (Under Installatin Tab)

  7. organicjar
    Member
    Posted 5 years ago #

    Okay so I downloaded the file, then uploaded it and then renamed it...QUESTION? Do I delete and remove the .htaccess from the original location? Becuase when I download it, its still there? Wasn't sure if this makes a difference

  8. Lester Chan
    Member
    Posted 5 years ago #

    Nope, it is the same file. So you can use it back. Just move it to your backup location

  9. MsUnderestimated
    Member
    Posted 5 years ago #

    I, like those above, do not have an .htaccess.txt file in the directory indicated. Am I still at risk of public viewing of my backup?

    Can someone please explain to this dummy (yes, I need easy steps to do this)?

    Thanks!
    MsU

  10. Lester Chan
    Member
    Posted 5 years ago #

    The file name included in the zip is called "htaccess.txt". You need to rename it to just ".htaccess"

  11. Troy Dean
    Member
    Posted 5 years ago #

    Although my backup-db folder is not accessible to me so I cannot move the htaccess file there? The backup-db folder has different ownership.

    Any ideas other than asking my host to change file permissions?

  12. Lester Chan
    Member
    Posted 5 years ago #

    As long as your backup folder is not accessible by anyone including you, it will do.

  13. onlyliesbeth
    Member
    Posted 5 years ago #

    I have the same problem, its still there. I have found the htaccess.txt file and move it, but i don't find .htaccess file. Is this maybe the problem?

  14. onlyliesbeth
    Member
    Posted 5 years ago #

    Also I rename it..I have the same question as organicjar. Don't understand it, the file is now in db-backup and removed it from db-manager

  15. Lester Chan
    Member
    Posted 5 years ago #

    Use your ftp and check the /backup-db/ folder to see if the .htaccess file is really name htaccess file. It might be named as .htaccess.txt depending on whether you allow showing of file extension in windows.

  16. Mezloh
    Member
    Posted 5 years ago #

    I have followed Lester's instructions and I still can't get rid of the warning.

    I have the htaccess folder where it is supposed to be and i have the permissions set properly, it won't go away unless I deactivate the plugin.

    So until there is a legit fix I will have to put this on the backburner, that's too bad because I use just about every one of Lester's plugins.

    I have tried to uninstall it 2 times and ftp it back again with no luck so I know it isn't anything I am doing wrong.

  17. Lester Chan
    Member
    Posted 5 years ago #

    It is NOT a folder. It is a file, the file name in the zip is called "htaccess.txt" You have to rename it to ".htaccess" and upload it to your backup folder directory. Defaults to "/wp-content/backup-db/"

  18. dlangendorf
    Member
    Posted 5 years ago #

    I had this same problem and the answer is here, although it took me a minute to put the pieces together. If your situation is like mine:

    the htaccess.txt file was in the /wp-content/plugins/wp-dbmanager folder

    i had no folder /backup-db in my /wp-content folder. i created one.

    i used my ftp client to move the htaccess.txt file to my desktop, then added it to the new /backup-db folder via ftp

    my mistake was this: i changed the file to .htaccess.txt -- not realizing that the .txt should be removed. i sort of glossed over it. anyway, by removing .txt and adding a . (period) in front of .htaccess, the warning message disappeared.

    when you add the . in front of .htaccess the file will disappear from the folder, but that is expected. the . makes the file hidden, from what i understand.

    anyway, it worked. hope it helps.

  19. Tranny
    Member
    Posted 5 years ago #

    I still find it very unstable. It worked for me on one site, but doesn't on another. Backup-db folder is there, .htaccess file is within it, the folder it CHMOD'd to 777, yet still the message. Definitely a buggy stuff. However it worked on another blog. All I can say is - unstable

  20. Jayen
    Member
    Posted 5 years ago #

    Hi

    I just thought I'd add that i had the same problem some mentioned here where the /backup-db folder was inaccessible to me with my ftp client.

    In order to get the htaccess.txt file (re named to .htaccess) in the /backup-db folder and in doing so to get rig of the annoying message in WP admin I simply created a new folder on my computer called backup-db and put the .htaccess file within it (since our pcs won't show the .txt end of the file name you'll need to change the name while it's still in the /wp-content/plugins/wp-dbmanager folder with your FTP client before you download it to your pc), I then deleted the /backup-db folder with my FTP client (while the plugin was deactivated)and uploaded the pre prepared folder on my PC to the /wp-content folder.

    After doing this once i had the plugin re activated i no longer got the annoy message in my admin :)

    Hope this helps others

    Jayen

  21. Jayen
    Member
    Posted 5 years ago #

    mmm, I'm afraid this issue is not resolved after all :(

    Although moving the htaccess.txt file to the backup-db folder and re naming it to .htaccess worked fine on one of my sites, it is not working on another.

    The blog runs version 2.8 of WP and is installed in a sub directory of the site. And yes the file name is definitely correct, i copied it across from my PC using the very same file i had saved to my other sites backup-db folder which worked perfectly (as stated in my post above).

    Jayen

  22. PJSacchetta
    Member
    Posted 5 years ago #

    I was having the same issues described above. What finally worked for me is adding the period in front of the name of the file. That's what made the warning finally go away.

  23. dizid
    Member
    Posted 5 years ago #

    The /wp-content/backup-db folder is not accessible by me.

    So, i can't upload the .htaccess to that folder so that big bold messsage in wp-admin saying: "Your backup folder MIGHT be visible to the public" cannot be removed.

    Any solutions for this?

  24. Lester Chan
    Member
    Posted 5 years ago #

  25. jrivera401
    Member
    Posted 5 years ago #

    The problem is you need to specify the full path, not just the sites root path

    /home/username/public_html/wp-content/backup-db

    To everyone else saying this is unstable or useless plugin shame on you... please uninstall it now and move along.

    Thanks GamerZ for a wonderful plugin.

  26. jwlwjw
    Member
    Posted 5 years ago #

    HI: Problem Solved I did not rename the file correctly.

    Just Follow the instructions to the tee and all is well.

    Thanks
    John

  27. cogmios
    Member
    Posted 4 years ago #

    it might be handy to put a guess to the root path to the wordpress dir on the specific webhost inside the box where it asks for the backup path, might help.

  28. Hanzo
    Member
    Posted 4 years ago #

    Thanks for the information, it helped me

  29. FormerBigIronGuy
    Member
    Posted 4 years ago #

    A fine lot of good this thread does me!

    I got the message when I signed up to use WordPress with a blogger's site, because that was what they required. I do not have a WordPress site, I have not downloaded any WP software.
    I did download Google Gears, and my browser tells me that I have to activate it for the WP site I wish to participate in. With a funky message like:

    Your backup folder MIGHT be visible to the public

    To correct this issue, move the .htaccess file from wp-content/plugins/wp-dbmanager to /home/persist2/public_html/wp-content/backup-db

    I am reluctant to turn on the Google software. So, what to do?

    /s/ Former Big Iron Guy

  30. I got the message when I signed up to use WordPress with a blogger's site

    If it really concerns you, ask the folks who manage the WordPress site you signed up on. Although it sounds like you signed up to a service that installs WordPress for you.

    If you are going to blog that way and don't know about the software, you really need to make sure that company keeps your installation current and secure.

Topic Closed

This topic has been closed to new replies.

About this Topic