Title: Automatically back up only posts and comments? Last modified: August 20, 2016 --- # Automatically back up only posts and comments? * Resolved [megmo](https://wordpress.org/support/users/megmo/) * (@megmo) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/) * I have two different backup solutions in place that backup automatically (one to an Amazon S3 account and one emails it to me), but both are backing up the entire database. Last week my webhost discovered that my site had been hacked( thanks to the timthumb hole in my WooThemes theme) and suspended my hosting account. * I wanted to restore my site from one of the two backups, but my host told me that it’s possible the database was corrupted in the hack and I should start over completely from scratch. They let me back into my site to export an XML file of my posts and comments, but that’s all I was able to salvage. * So now I’m curious… what is the point of backing up my database if I can’t extract only the posts and comments out of it? I’ve googled a lot looking for a way to automatically backup (preferably to Amazon but I’d take email, too) just the XML file that you’d get when you export your content, and I can’t find any plugins that seem to do this. * Does anyone know of a plugin that will backup just my posts and comments? Viewing 8 replies - 1 through 8 (of 8 total) * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010035) * How many database backups do you have? How old is the oldest? * Thread Starter [megmo](https://wordpress.org/support/users/megmo/) * (@megmo) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010040) * Looks like I started backing up the database in February of 2011. I tried figuring out a way to extract just the posts and comments from the database files, but didn’t ever find anything that didn’t require quite a bit of technical knowledge. 🙂 * I’m planning to continue to do the database backups, I’d just like to also back up only the XML file of posts/comments if that’s possible. * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010047) * You might be in luck. The last timthumb vulnerability was found in [August 2011](http://weblogtoolscollection.com/archives/2011/08/04/timthumb-security-vulnerability/). So a backup from Feb 2011 might be OK. At about that time, you would (I assume) have been using WordPress 3.1 or 3.0.5. You could try wiping the current site and re-installing WordPress 3.1 or 3.0.5 (we’d need to check the backup to find out what version you were using in Feb 2011), restoring the old backup and then carrying out a series of manual upgrades to get you back to 3.4.1. The full details can be found in [Upgrading_WordPress_Extended](http://codex.wordpress.org/Upgrading_WordPress_Extended). * Or you could cut your losses, wipe the database, re-install and then use the import file to restore all of your current posts and comments. * To the best of my knowledge, there isn’t a plugin that can carry put a partial database backup as so many of the db tables are interconnected. Nor have a come across anything that can carry out an unattended xml export of your site’s content. Doesn’t mean that there isn’t one out there – just that I haven’t come across one yet. * Thread Starter [megmo](https://wordpress.org/support/users/megmo/) * (@megmo) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010050) * I actually don’t mind re-building the rest of the site from scratch, as I had just recently modified a new theme so it didn’t look anything like it did back in Feb. of 2011. 🙂 I guess I will keep looking for an XML backup, or at least make myself a note to make one on a fairly regular basis. I wasn’t aware that I could import the database file and choose to only bring in the posts and comments. My host seemed to think that if I wiped the database and then reinstalled from a backup, I’d be bringing back the bad files that existed. * I also didn’t realize the timthumb vulnerability went back that far, which makes me worried about a client’s website I set up earlier this year using a Woo theme. The site was finalized in March, but I think the theme had been installed as early as December of 2011. Do I need to wipe the entire site and start over to ensure there are no vulnerabilities? I haven’t heard anything from him regarding any messages from his webhost about bad files being placed in his site, but I’m also not exactly sure how to check for that. I tried a plugin when I set up the site, but an initial scan (right after I installed WordPress for the first time) told me there were about 3,000 problems, which I found a little hard to believe. * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010053) * > My host seemed to think that if I wiped the database and then reinstalled from > a backup, I’d be bringing back the bad files that existed. * They are correct. You’d need to immediately remove any theme or plugin that referenced timthumb but, with luck, there’d be no actual hacked files at that point in time. * > Do I need to wipe the entire site and start over to ensure there are no vulnerabilities? * Does the site’s theme or any of its plugins use timthumb? If so, what version? You could have a look at [http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/](http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/) but nothing beat a manual check. * > an initial scan (right after I installed WordPress for the first time) told > me there were about 3,000 problems, which I found a little hard to believe. * What plugin was that? * Thread Starter [megmo](https://wordpress.org/support/users/megmo/) * (@megmo) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010059) * The theme has a file called thumb.php and it says Tim Thumb in it, but I seem to remember an older version of one of my themes having timthumb.php, not thumb. php. I installed and ran the Tim Thumb vulnerability scanner you recommended and it found that there was an old version installed that was vulnerable, but that was all it said. I updated the script and now it says that I’m up to date. Is that all that I need to ensure there are no back doors left open to the site? Or do I still need to remove the theme and then re-install it and make all my CSS changes, etc., to it again? * I think the plugin I used originally was called Exploit Scanner, but I’m not entirely sure because I deleted it after it returned all those errors for a fresh install. 🙂 * Thanks for all of your help!! * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010061) * > Is that all that I need to ensure there are no back doors left open to the > site? * If this is a live site, then you’ll need to check the site over fully in case it has already been hacked. In fact, it probably wouldn’t be a bad idea to proceed as if it _had_ been hacked if you want to be really sure. These resources should help: [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked) [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779) [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/) [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/) * Thread Starter [megmo](https://wordpress.org/support/users/megmo/) * (@megmo) * [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010062) * Awesome, thank you so much. I’ll review those resources and go from there! Viewing 8 replies - 1 through 8 (of 8 total) The topic ‘Automatically back up only posts and comments?’ is closed to new replies. ## Tags * [Comments](https://wordpress.org/support/topic-tag/comments/) * [posts](https://wordpress.org/support/topic-tag/posts/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 8 replies * 2 participants * Last reply from: [megmo](https://wordpress.org/support/users/megmo/) * Last activity: [13 years, 8 months ago](https://wordpress.org/support/topic/automatically-back-up-only-posts-and-comments/#post-3010062) * Status: resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics