WordPress.org

Ready to get started?Download WordPress

Forums

WP Clone by WP Academy
[resolved] Securety!! (4 posts)

  1. jakobia
    Member
    Posted 1 year ago #

    Isnt this a huge safety risc?
    Shouldnt the backup file be removed after it has been used onece, if you forgot to remove the backup file, any one can download it and steal your whole site?

    http://wordpress.org/extend/plugins/wp-clone-by-wp-academy/

  2. WP Academy
    Member
    Plugin Author

    Posted 1 year ago #

    I suppose it could be an issue if someone could guess the file name,which is a bit long,but yeah this is one of the reasons that we don't recommend using this as a backup plugin.
    anyhow,when the plugin is disabled/removed,it places an htaccess file inside the backup directory to prevent external access,but while it's active,it's up to the user to decide whether to keep a backup or to delete it.

  3. jakobia
    Member
    Posted 1 year ago #

    But there is no scanner that can crawl wp sites after backup files created from Clone plugin? Wouldnt that be an easy solution that the backup is encrypted and secured with a password that you need to enter before you can use the file? Am I to paranoid?

  4. WP Academy
    Member
    Plugin Author

    Posted 1 year ago #

    haha nope,I don't think that you are being paranoid ;)
    but,yeah,I suppose we should mention something about this in the admin page itself.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.