WordPress Backup to Dropbox, one of my favorite plugin just got recent update with Dropbox App Folder Mode, Updated API, Rate Limiting and other changes.
Here is a v1.1 change log:
- Updated the Dropbox PHP API to fix various issues processing some files
- Un readable directories or files are now skipped instead of causing an exception
- Added Hungarian language
- The backup now attempts to set the memory limit to 256M before backup
- Removed the option to set the temp backup dir for simplicity
- Migrated to Dropbox App Folder mode for added security of your Dropbox account
- Fixed exclude widget issues on Windows Server
You can register for Dropbox here.
When you upgrade to version 1.1 you will need to re-authorise the plugin with Dropbox, once complete, an app folder named wpb2d will be created in the Apps directory.
It worked perfectly fine for me. All of my blog backups finished without any issue but one strange thing I noticed is that, there isn’t any .htaccess or blank index.php file got created under /wp-content/backups directory. wpb2d should suppose to delete the db backup file after upload to dropbox but it didn’t happened for on 3 blogs except 1.
It means anybody can access your backup file with simple URL:
This is what I observed today but I would like to mentioned that, till today I didn’t have that directory as I removed it before to store backup at other dir structure. May be that the case. Also didn’t notice this vulnerability with previous versions.
It’s not a bad idea to check this. If in your case you see db backup file without
index.php then create index.php file and put below code and copy it to “backups” directory. I’ve email Michael about the same. Hope to get quick response.
// Silence is golden.
deny from all
Update: Plugin updated with blank file.