Snapshot Backup
[resolved] Security and compression (2 posts)

  1. jtheory
    Posted 4 years ago #

    Thanks for the plugin! This is close to what I need, but has a few serious issues that will fortunately be easy to fix.

    1. Backups should not be publicly available: currently the latest backup is freely-downloadable in the uploads directory by anyone who can guess the filename... which isn't hard, since it's just a timestamp. It's easy for a cracker to write a script to try the 1440 possibilities in a given day, and that's that.
    2. Don't leave tar files uncompressed: a tar file has no compression at all - but it's easy to make tar.gz (or name them .tgz) files instead by just including "z" in your tar options to gzip the tarball.


  2. Jay Versluis
    Plugin Author

    Posted 4 years ago #

    Hi jtheory,

    Those are two very good points indeed. I'm now sure though where else to save the latest local snapshot - it needs to be accessible otherwise people won't be able to download it via the web. I'm happy to add a delete option though once the snapshot has moved to the FTP repo.

    I want to make compression an option too, it's been requested several times before. Next time I get round to an update those points will be addressed. Can't promise when that will be though...

    There is a plugin that has all this built in though: check out http://backwpup.com

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Snapshot Backup
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic


No tags yet.