ERROR: Could not generate a WordPress export file

  • I’ve had this problem happen on multiple sites. I get an email saying it failed. However, it looks like it tries to make the WordPress XML file multiple times, eventually succeeds, and then successfully finishes and uploads the file–but I still get the email that makes me think the backup completely failed.

    I found some other threads related to this issue, usually saying that a more recent version of the plugin will solve the problem–but in most cases I am using the most recent version of WordPress and of BackWPUp.

    Of course, I could disable the WordPress XML backup, or just ignore the messages as the backup does seem to succeed eventually, but it would be nice if I didn’t have to do that.

    [ Potentially sensitive information redacted ]

    https://www.ads-software.com/plugins/backwpup/

Viewing 2 replies - 1 through 2 (of 2 total)

  • Don’t publish the stored location and file name of your backup set. If someone gets your backup, they can very likely crack your passwords. Hackers have already calculated the encrypted version of the top 100,000+ passwords, and all the common letter substitution tricks (e.g. substitute o with 0 or a with @).

    Backup transferred to https://s3.amazonaws.com/LOCATION/full/backwpup_FILENAME.tar.gz

    **** Rename that backup file NOW on S3. Change all passwords NOW ****

    Don’t publish your full file path on public boards. You just gave hackers crucial information about your system.

    Don’t publish your actual database name on public boards. SQL Injection attacks need the actual database name.

    Never use wp_ as your database table prefix, for any WordPress installation, for the same reason. The iThemes Security plugin has a tool for changing that (of course, Backup First).
    If you are going to publish table names, edit them to have wp_ (which would then be Wrong for your actual setup)

    [INFO] Temp folder is: /home/USERNAME/public_html/wp-content/uploads/backwpup-FOLDERNAME-temp/

    [INFO] Logfile is: /home/USERNAME/public_html/wp-content/uploads/backwpup-FOLDER-logs/backwpup_log_FOLDER_DATETIME.html

    [INFO] Backup file is: /home/USERNAME/public_html/wp-content/uploads/backwpup-FOLDER-temp/backwpup_FOLDER_DATETIME.tar.gz

    [26-Oct-2014 01:14:08] Connected to database DATABASE on localhost

    [26-Oct-2014 01:14:08] Backup database table “wp_commentmeta” with “0” records
    etc.

    [26-Oct-2014 01:14:09] Added database dump “DATABASE.sql” with 1.18 MB to backup file list

    [26-Oct-2014 01:14:11] Added XML export “EXPORTNAME.xml” with 72.61 kB to backup file list.

    [26-Oct-2014 01:14:36] Connected to S3 Bucket “S3BUCKET” in

    [26-Oct-2014 01:14:38] Backup transferred to https://s3.amazonaws.com/S3BUCKET/full/backwpup_FOLDER_DATETIME.tar.gz.

    Thread Starter Alamoxie Web Design

    (@alamoxie)

    Thanks for your thoughts, George.

    I already had a unique S3 user for that bucket; nobody could download from that bucket without that user’s access token and secret access key, and that user only had access to that one bucket.

    I have the website configured to keep plugins and the WordPress core up to date automatically, and to check for and prevent security issues.

    The passwords I use are always very long and fully randomly generated, so they would definitely not be in any top password list.

    I could be wrong, but I believe a skilled attacker would not be stopped by not knowing the database name or table prefix ahead of time.

    However, you have provided much valuable food for thought–your post prompted me to do further research on WordPress security, and now I am taking extra steps to secure my sites going forward. In addition, I have changed much of what you suggested, to be absolutely certain of avoiding issues. Thanks for your detailed and helpful response!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘ERROR: Could not generate a WordPress export file’ is closed to new replies.