UpdraftPlus 1.9.50 is in the process of being released – you should see it appear as an update in your WordPress dashboard in the next day or two.

There’s very little exciting in this release! The change log includes 17 small tweaks for better usability and minor corner-case issues found by customers. But every little helps, and so we recommend every updates – this is our best UpdraftPlus yet.

Full changelog:

  • Tweak: Importer now supports a previously-unseen format for WordPress Backup 2 Dropbox backups
  • Tweak: Fix cron calculation that could have prevented UpdraftPlus loading when using ALTERNATE_WP_CRON (see 1.9.45)
  • Tweak: If insufficient permissions exist when restoring, then exit maintenance mode when this is detected; and handle the case of having create but not drop permissions more elegantly
  • Tweak: Defeat some other plugins/themes which load their CSS code onto UpdraftPlus settings page and break things
  • Tweak: Prevent a “not tested on this version of WP” message showing for a short time after install of a new version, when it only applied to the previous version
  • Tweak: Reduce HTTP timeout when checking for available plugin updates (paid versions) from 10 to 5 seconds
  • Tweak: Tidy up the post-restore screen a little – one less info box.
  • Tweak: When a restore finishes, WP Super Cache’s cache will be emptied (if present), to prevent confusion caused by cached pre-restore pages.
  • Tweak: Slight change to how the ‘mothership’ for updates is calculated, for more flexibility in our in-house testing
  • Tweak: Log more informative error if user chooses ‘FTP’ for their remote storage, but adds no FTP settings
  • Tweak: Change “any other directory” to “any other file/directory” in the “more files” add-on, to better reflect its capabilities
  • Tweak: Make sure that “more files” will skip UD’s temporary directory, if asked to back up a parent directory of it
  • Tweak: Default to https for updates checking, with fallback to http (only relevant to versions from updraftplus.com)
  • Tweak: Prevent ‘Strict Standards’ PHP coding notice with WebDAV on PHP 5.5
  • Tweak: Provide clickable link through to the admin email address in the reporting settings
  • Tweak: If the gzopen or gzread functions are disabled in the PHP install, then the message saying so omitted to say which one (or both)
  • Fix: WebDAV upload method could very occasionally fail to detect upload error conditions

David Anderson (founder, lead developer, UpdraftPlus)

We’re not doing this every week; only some… but this week’s “plugin of the week” is BruteProtect.

BruteProtect adds brute-force login protection (i.e. password guessing protection) to your WordPress website – with a particular twist. Most brute-force login protection plugins can only protect your site against the same attacker trying again, and again. This doesn’t work so well with many of today’s attacks, where different attackers (that is to say, different IP addresses) try just a few times each. The may not try more than 3 times each – and then never be seen again. So, blocking them achieves nothing.

BruteProtect adds the power of the network to this problem – every site that has BruteProtect installed will benefit from the knowledge of every other site. BruteProtect’s servers are informed when a failed login happens, and the IP address is noted. In this way, a list of known bad IP addresses is collected – and login attempts from these IP addresses ban be blocked on your site too.

BruteProtect is one of those “install and forget” plugins – it just does its job. It’s been well-maintained, has had decent support, has a 4.8 star rating, and looks to have a secure future, having been acquired by Automattic recently – who have pledged to keep the service free (running the servers costs money, of course). The 2.0 release added further features for keeping your plugins and themes up to date – but we’ve not yet looked at these. Apparently in future, BruteProtect will be merged into Automattic’s swiss-army-knife JetPack plugin. I’m not a big fan of JetPack – I like my plugins to do one thing, and to do it well. But that’s a matter of taste – and it’s possible that someone will maintain a stand-alone version of the plugin in future, if and when the big Jetpack merge does happen.

Brute-force login attacks are an entirely theoretical issue – right up until someone breaks into your website, and defaces or deletes it. (We’re glad you’ve got good backups, ahem!). With a plugin like BruteProtect, they should for the larger part be able to stay that way – not actual, but theoretical. It’s not a complete security solution, and does not aim to be – but it’s a handy part of a solution. Once again, here’s its wordpress.org plugin page: https://wordpress.org/plugins/bruteprotect/

David Anderson (founder, lead developer, UpdraftPlus)


If you had a problem posting a support request using our paid customers support request form over the last 24 hours, then we apologise – please try again now. It looks like our webserver was experiencing random failures on this particular page. We are still investigating the exact cause, but the form is now working again.

Also, if you find the support form not working, then there’s always the paid customers’ support forum.

David Anderson (founder, lead developer, UpdraftPlus)

You’ve very likely heard about PHP many times, if you’re running a WordPress site… but, do you know what it is, and why it matters?

PHP is the programming language that WordPress, like most websites, is written in. It has its share of defects, but has the huge positive of being available everywhere. It’s easy and free to learn, there’s a huge ecosystem, and for that reason dominates the world of web applications.

Why care?

Now, you’re thinking “Does this matter? As long as it works, then this isn’t something I need to care about… I’m working much higher up the stack: I install WordPress, install plugins, look after my WordPress dashboard… perhaps I Google for and then copy and paste a few bits of PHP code sometimes when I have a special problem – isn’t that it?”

One issue that WordPress developers and site builders can improve by learning a little bit more about is PHP versions. The full technical history of how PHP got to where it is today is interesting, but that’s not what we mean. What WordPress site owners need to know about is the significance of differences between major PHP versions – so that you can make sure your site is secure, running efficiently, and compatible with plugins you’re likely to want to use.

PHP version numbers

Major PHP versions currently are of this form: 5.x, where x is another whole number. (The first 5.0 version was in 2004, so we’re still going a long way back here!).

WordPress requires at least the 5.2 series of PHP releases to run on (to be more precise, at least 5.2.4). This was released in August 2007, and it’d be all-but-impossible to find a web hosting company offering anything less.

Since the 5.2 series, there have been other major releases: 5.3, 5.4, 5.5 and (in August 2014), 5.6. This version numbering scheme will soon end – the next PHP release is going to be PHP 7 (PHP 6 is being skipped, to avoid some confusion due to ideas for a “PHP 6″ from some years ago).

You’re still with us, and not fallen asleep yet? Great… we’re getting to the stuff that matters! What do you need to know?

PHP 5.2

PHP 5.2 reached its official (i.e. according to the PHP group) end-of-life a long time ago – in January 2011. It’s full of known security issues, and if your web hosting company is still offering it as the default setup (sadly, such companies appear to exist), then it’s time to find a less lazy vendor. Honestly: yours doesn’t care. They’re whole years off the pace.

How many WordPress sites still actually run on PHP 5.2 (largely on sites set up years ago, and not upgraded)? The answer is, lots: just under a third. So, plugin authors still (if they want their plugins to run everywhere), have to support PHP 5.2. However, more and more plugin authors will no longer do this, because a) the testing burden is too high – if you’re supporting 5.6, 5.5, 5.4, 5.3, then a version end-of-lifed 4 years ago may be too much, and b) PHP 5.3 brought in a lot of new “good stuff” for developers to use. Coding for compatibility with 5.2 eats your time. (Since UpdraftPlus is a backup plugin, and people want reliability, we will continue to support PHP 5.2 for as long as WordPress does – don’t fear!).

Short summary: if your web server is still running PHP 5.2, then upgrade it now (this might just involve ticking a box in your control panel, or involve talking to your web hosting support to do it for you – it depends; you will need to ask them, if you’re not sure). What’s next?

PHP 5.3

PHP has been hugely popular, mostly because of being the default version installed on the most popular web server operating system (and because the vendor of that system, for a long time, did not provide any easy way to upgrade). PHP 5.3 installs currently account for a further 38.4% of servers that WordPress runs on.

I’ve not yet come across a plugin developer who didn’t support PHP 5.3. If someone doesn’t support at least 5.3, then they’re saying goodbye to 7 in 10 users. So, 5.3 seems a safe choice from this point of view.

However, in fact, PHP 5.3 has also been end-of-lifed, since August 2014. The PHP group will never make any future releases for it. Any security holes found in it will not be repaired, by them. That sounds scary, but isn’t quite as bad as it seems – updates are still being engineered by the operating system vendors for operating systems that included this version. Most webservers run a derivative of Red Hat Enterprise Linux 6, and hence should be covered until November 2020. So, you probably won’t have to worry about the security angle until then.

However, even though developers will officially support PHP 5.3, and testing upon it, they’re not likely to be using it themselves to develop upon (good coders want to keep up with the state of their profession). So, if your website is still running PHP 5.3, then you should consider upgrading – not as a “urgent – now!”, item, but something to get sorted in a timescale of months.

Which brings us to…

PHP 5.4

PHP 5.4 is a currently supported release, and currently used by just under 25% of web servers running WordPress. So, cumulatively, that takes us up to 95%. For this reason, we recommend running PHP 5.4. It’s now growing rapidly, as hosting companies have responded to the PHP 5.3 end-of-life. The changes from PHP 5.4 to 5.5 were quite minor, and is supported by every plugin and theme that exists (AFAIK).

PHP 5.4 also had some nice under-the-hood improvements to its speed and memory usage – the improvement from 5.3 up to 5.4 for normal use-cases appears to be more significant than any others in recent times. So, if you use PHP 5.4, then things run faster, and you get more money from your investment in resources.

It’s not impossible to have problems in PHP 5.4 that you did not have in PHP 5.3 – but, having personally overseen the upgrade of a webserver running over 250 WordPress installs, it’s very unlikely – I saw three WP sites with problems (so, around 1%); each due to a very old plugin that just needed an update to a current version.

At UpdraftPlus.Com, we also recently upgraded from PHP 5.3 to 5.4. Everything went smoothly, apart from having to swap a very low-level “opcode cacheing” extension (something you won’t have, unless you run your own webserver and tune it at a low level). The site immediately ran faster, and used less memory – where before we were pushing some limits, we’ve now returned to a comfortable margin, and can support even more growth.

It’s worth noting, though, that officially PHP 5.4 hits its end-of-life in September of this year! The world of web hosting moves slowly…

PHP 5.5 and 5.6

The pragmatic WordPress site builder doesn’t need to know much about these, yet. PHP 5.5 is just beginning to take off, and is used by 4.2% of WordPress sites. That means that if you decide to use it, then you’re no longer a “canary in the mine” – with WordPress’s massive popularity, 4.2% equates to a gigantic amount of websites. As a bonus, it’s likely that a majority of your plugin developers use this as their default version too (if not 5.6).

5.6 only just appears on the chart, at 0.4% – that’s still a lot of sites, numerically, but you’re choosing to be very leading edge if you’re looking at that already.

These are the official PHP group PHP releases. There are other exciting initiatives going on, which are beginning to deliver alternative PHP setups, with the promise of huge speed increases. These are also very leading edge, if you’re approaching them as a WordPress site builder, and you’ll to invest in a fair amount of research and work to get up to speed with using them, if you’re interested.

So, now you know – PHP versions aren’t something you have to think about a lot, but it’s the engine that runs everything else. It matters, and you can improve your speed, security and compatibility, by making the right choice.

David Anderson (lead developer, founder, UpdraftPlus)


As a new feature for our readers, we’re starting a “featured plugin” category. Think of it as “plugin of the week” – but we don’t promise to have one every week!

We start off with what we consider a must-have plugin for every WooCommerce store owner who sells to any buyers outside their own country: Aelia’s “Currency Switcher for WooCommerce”.

What does it do? Put simply, it allows you to display prices, and sell, in multiple currencies. Visitors have their country detected (via a GeoIP lookup), and are shown the price in the best currency for their country.

Why would you not want to do this? You can’t be having much of a shop, if the extra sales you’ll get by showing people prices and taking payments in their local currency (and not charging them currency conversion fees, whether directly or indirectly), don’t cover the cost of this plugin many times over.

Note: this isn’t a plugin just for displaying prices in a different currency, whilst customers continue to pay in a fixed currency (with exchange rates, etc.). It’s a full solution: customers get a start-to-finish experience that is entirely in their own currency.

Why do we particularly recommend this solution? To keep it short and sweet, it’s for these reasons…

  • Code quality: we’ve read lots of Aelia’s code (we normally read the code of every plugin we install), and theirs is some of the best available in the WordPress world, in terms of organisation, sensible use of modern standards, readability and standards compliance.
  • Tried and tested: it’s been in use here on updraftplus.com for a year now, and done a great job.
  • Great support: as you can see from the reviews tab for the plugin, Diego Zanella has a great track record for prompt and efficient support.
  • Maintained, with prompt bug-fixes: the plugin has consistently been kept up to date with new WooCommerce releases, whilst remaining backwards compatible (currently back to WooCommerce 2.0), and where issues have been found, they’ve been promptly fixed. (Don’t let anyone tell you that a plugin costing more than $0 shouldn’t have bugs: this never happens in the complex world of computer software, and you shouldn’t believe a vendor who claims they can do it).
  • Integrations: Aelia have a great track record in making sure that a wide range of other extensions are compatible, and providing solutions where necessary. (Well-behaved extensions are usually already compatible – but Aelia have a number of free add-ons to help with extensions that aren’t written quite as they should be, or that need special help).

Just one thing that some users will need to note – you’ll need PHP 5.3 or later on your webserver (and since PHP 5.3 itself already reached its end-of-life last year, if your web hosting company doesn’t already have at least this, then they’re really letting you down).

There are a couple of other competing products out there now – but personally, we won’t be bothering: there’s no need to. If a top-quality product with top-quality support isn’t worth paying for, rather than trying to shave off a few cents here and there, then it’s not worth your time running a shop to begin with.

Here’s the link -we’re not getting any affiliate sales or other quid pro quo, and this is a direct link: Currency Switcher for WooCommerce, by Aelia.

And if you’re interested in that kind of area, then here’s another couple from our own sister company, that you may find useful: 1) WooCommerce Country Detector – avoid losing sales to customers who don’t spot that they need to change the default WooCommerce country when they check-out, and 2) WooCommerce EU VAT Compliance – for sellers of digital goods to EU buyers.

David Anderson (founder, lead developer, UpdraftPlus)

As many of you noticed, on Sunday updraftplus.com had some unplanned downtime when connecting via https.

This was caused by a crash in our PHP-cacheing module, XCache, which could not be fixed by our automated monitoring solution. We have tweaked the part of our site that XCache appeared to take exception to, so that this should not happen again. It also looks like, for another 90 minutes, CloudFlare (part of our security / speed solution) also had trouble in some regions.

Access to the site was restored first thing on Monday morning. In the mean-time, we are sorry for any and all inconvenience caused. As far as we know, everything is now back to normal; please let us know if you see anything still amiss. We had one report from someone who successfully got served the support form page, but could not submit it – if you submitted a support request and aren’t sure if it went through, then please do send it again to make sure.

David Anderson (founder, lead developer, UpdraftPlus)

We’re pleased to say that it looks like we’re going to meet the January 1st deadline to be ready for the EU’s new VAT law, for selling digital goods to EU buyers.

This is thanks to our sister company’s “WooCommerce EU VAT Compliance” plugin, which we believe is currently the only plugin that can provide compliance with all of this onerous new law’s requirements.

From 1st January, EU  buyers will be charged VAT at the rate of their country of residence, and be issued with compliant invoices. Non-EU buyers will not face any additional taxes. If you’re in the EU and thinking of buying, then we recommend going ahead before then, and avoiding the tax before it comes in. (UpdraftPlus is currently legally VAT exempt, for 45 more hours only).

And, if you sell digital goods to the EU – then we recommend you take a look at the WooCommerce extension. There’s a free version too, with fewer (but most) features – so you can take a look at what you’d be getting, and how it works.

David Anderson (founder, lead developer, UpdraftPlus).

Version 1.9.46 of UpdraftPlus has just been released, for all users.

This is a minor improvement, including the following items:

  • Feature: Chunked/resumable uploads are now supported for SFTP
  • Tweak: Work-around conflict issue in Manage WP worker plugin which caused a crash when authenticating with Dropbox
  • Tweak: Prevent PHP notice when listing files on SFTP server
  • Tweak: Reset an internal upload counter used to detect activity when a cloud storage switch is made due to no apparent activity – could prevent some large, long-running uploads on hosts with little available execution time
  • Fix: Scan for existing backup sets added manually to local storage in recent versions could overlook some unless clicked twice, in non-GMT timezones

It is a recommended update for all.

David Anderson (founder, lead developer, UpdraftPlus)

Merry Christmas from Team UpdraftPlus to all our customers!

To help you celebrate, here’s a beautiful version of “O Holy Night” from Il Divo:

“The King of kings lay thus lowly manger; In all our trials born to be our friend. He knows our need, our weakness is no stranger, Behold your King! Before him lowly bend!”

David Anderson (founder, lead developer, UpdraftPlus)

Earlier this morning, UpdraftPlus became the first backup plugin (and hence the first backup/restore plugin) to pass 1.6 million downloads from wordpress.org.

This means that UpdraftPlus (free edition) recently over-hauled BackWpup (which had a 3-year head-start) to become the most downloaded free WordPress backup plugin. Combined with paid versions (take a look here, if you’re in the market), UpdraftPlus is now undoubtedly the most downloaded and most installed WordPress backup solution in existence.

So, 2014 has been a huge year for us – but we’re not resting on our laurels. Plans are already in progress for even bigger things in 2015. Thank you for choosing UpdraftPlus, and stick with us!

David Anderson (founder, lead developer, UpdraftPlus)


UpdraftPlus is a trade mark of Simba Hosting Limited (www.simbahosting.co.uk), UK registered company number: 8570611, VAT number: 202 1260 80

$0.000 items