WordPress Backup to Dropbox, one of my favorite plugin just got recent update with Dropbox App Folder Mode, Updated API, Rate Limiting and other changes.
Update on 09/03/2018: This plugin was closed on February 7, 2018 and is no longer available for download. Reason:
Guideline Violation
.
Have you checked?
Here is a v1.1 change log:
- Updated the Dropbox PHP API to fix various issues processing some files
- Un readable directories or files are now skipped instead of causing an exception
- Added Hungarian language
- The backup now attempts to set the memory limit to 256M before backup
- Removed the option to set the temp backup dir for simplicity
- Migrated to Dropbox App Folder mode for added security of your Dropbox account
- Fixed exclude widget issues on Windows Server
You can register for Dropbox here.
When you upgrade to version 1.1 you will need to reauthorize the plugin with Dropbox, once complete, an app folder named wpb2d
will be created in the Apps directory.
It worked perfectly fine for me. All of my blog backups finished without any issue but one strange thing I noticed is that, there isn’t any .htaccess or blank index.php file got created under /wp-content/backups
directory.
wpb2d suppose to delete the database backup file after upload to dropbox but it didn’t happened for on 3 blogs except 1.
It means anybody can access your backup file with simple URL: http://<blog_url>/wp-content/backups
/
This is what I observed today but I would like to mentioned that, till today I didn’t have that directory as I removed it before to store backup at other directory structure.
May be that the case. Also didn’t notice this vulnerability with previous versions.
It’s not a bad idea to check this. If in your case you see db backup file without .htaccess
or index.php
then create index.php file and put below code and copy it to “backups” directory. I’ve email Michael about the same. Hope to get quick response.
<?php // Silence is golden. ?>
deny from all
Update:
Plugin updated with blank file.