WordPress.org

Ready to get started?Download WordPress

Forums

WP-DB-Backup Plugin asking for 777 (3 posts)

  1. runfast
    Member
    Posted 4 years ago #

    I installed the WP-DB-Backup Plugin and tried to backup my database. The following warning showed up:

    WARNING: Your backup directory is NOT writable! We cannot create the backup files. Using your FTP client, try to set the backup directory’s write permission to 777 or a+w.

    This seems like a big risk.

    Should 755 be used and do I need to change it back to something else after the backup?

  2. Azizur Rahman
    Member
    Posted 3 years ago #

    Like runfast suggested it should not require 777 or a+w permission.

    Alternatively it should also create a .htaccess file to block direct access to the backup directory.

    Any download should be done via Admin and not via direct URL acccess which is now possible if you can guess the URL.

  3. Azizur Rahman
    Member
    Posted 3 years ago #

    Here is an example of .htaccess file with hotlinks protection

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    
    RewriteCond %{HTTP_REFERER} !^http://example.org.uk/.*$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://example.org.uk$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.example.org.uk/.*$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.example.org.uk$      [NC]
    RewriteRule .*\.(zip|pdf|sql|jpg|jpeg|gif|png|bmp)$ - [F,NC]
    
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    Make sure to replace example.org.uk with your own domain.

Topic Closed

This topic has been closed to new replies.

About this Topic