Why renew your UpdraftPlus Premium license for another year?

Premium support

Well, there’s our technical team. They’re available 18 hours a day to help you with any issues you may be experiencing. If you need help, just complete our customer support form. One of our experienced developers will email you back.

New features and improvements

An active licence allows you to update to new versions, gaining new features and staying compatible with future releases of WordPress. Check out our snapshot below of the many changes we made last year, to keep your UpdraftPlus instance up to date and optimized. 

Here’s a quick snapshot from our changelog of the many improvements we brought to you in 2023

6 Features
    1. Add JSTree for Google Drive to select existing folder
    2. The “Must-use plugins” backup entity can be backed up and restored separately in a normal WordPress site
    3. Support Cloudflare R2 as a generic S3 storage provider (always use v4 signature)
    4. Added the ability to get an accurate row count for all tables in the advanced tools
    5. Expose an option in the UI to disable chunked uploading when using WebDAV remote storage (previously required a constant)
    6. Add the ability to anonymize WooCommerce order data when cloning a site
33 Fixes

With over 3 million users testing all the features of our plugin every day, we sometimes get informed of opportunities for improvement.

UpdraftPlus may be simple to use, but it’s an advanced piece of engineering. So we set our development team the goal of fixing any issues immediately, sometimes within 15 minutes of the error being spotted.

 

    1. Resolved Google Cloud remote storage authentication flow
    2. An issue that prevented incremental backups from running via WP-CLI or Cron when the option to backup mu-plugins was enabled but no mu-plugins existed
    3. OneDrive remote storage authentication was giving the error “Invalid input.”
    4. The option to back up additional, user-chosen files (i.e. the morefiles entity) was no longer present in the UI
    5. Issue that prevented some database restores from completing due to a change in wpdb in WordPress 6.4
    6. Fix a vulnerability which could, if you had Google Drive storage enabled, and if an attacker targetted a logged-in administrator on your site and persuaded them to access a specific URL that the attacker creates, add the attacker’s own Google Drive account to the saved storage methods. Thanks to Nicolas Decayeux of Patrowl for finding and disclosing this issue.
    7. OneDrive folder case sensitivity issue (successfully uploaded backup files to the remote storage but failed in pruning old backup files due to different letter capitalisation; also happened in manual deletions)
    8. When two instances of WebDav remote storage were sequentially added in the Premium version, filling some fields of the latest instance would break the WebDav URL of the previous instance
    9. Fatal error of Uncaught ArgumentCountError when the UpdraftPlus settings page is browsed from an IP-adressed site (i.e. no hostname) on PHP 7.1+
    10. Incorrect caching mechanism such that when multiple Google Drive storage back-ends were in use (Premium feature), uploading to a storage would fail due to unmatched folder ID taken from a different storage instance
    11. Content-MD5 and any V2-related headers were always included in the S3’s V4 SignedHeaders even though the headers were not presented in a HTTP request
    12. Generating URL-encoded queries for a canonical request should have used a method/mechanism which encoded query values according to RFC 3986 (for consistency and for not breaking the code)
    13. Search / replace database not working on Admin dashboard > Settings > UpdraftPlus Backups > Advanced Tools > Search / replace database on PHP 8.2 due to stricter type checking
    14. A newly added subsite that was restored from a normal site to the multisite was not listed in the site list in the multisite
    15. Manual deletion of backup sets appeared to skip some files when multiple instance and/or remote storage were in use
    16. The SFTP remote storage stopped working in the UpdraftPlus 2.23.6 release. Reverted the change “TWEAK: Validate SFTP key field on credential test and before save”
    17. When Dropbox returns an error, this error was not always correctly passed up to the logging layer
    18. Search / replace database not working on Admin dashboard > Settings > UpdraftPlus Backups > Advanced Tools > Search / replace database on PHP 8.2 due to stricter type checking
    19. The SFTP remote storage stopped working in the UpdraftPlus 2.23.6 release. Reverted the change “TWEAK: Validate SFTP key field on credential test and before save”
    20. Search / replace database not working on Admin dashboard > Settings > UpdraftPlus Backups > Advanced Tools > Search / replace database on PHP 8.2 due to stricter type checking
    21. Fixed a missing nonce combined with a URL sanitisation failure, which could lead to a targeted XSS opportunity (if an attacker persuades a logged-in administrator to both re-authorise their connection to a remote storage (e.g. Dropbox) and then to follow a link personally crafted for their site before re-authorising whilst logged in, he can then store a fixed JavaScript payload in the WP admin area (they would need a further route to use that ability to cause any damage). Because of the need for the administrator to co-operate in multiple steps, this attack is very unlikely (but you should of course still update).
    22. DigitalOcean S3-compatible storage does not work with disabled SSL entirely where possible settings.
    23. If there was an error or network connectivity issue on first attempt of uploading a plugin/theme file, then the second attempt of uploading the same file would make the file become corrupted thus resulting in installation failure.
    24. Fixed an important security defect – please update. Full details: https://updraftplus.com/updraftplus-1-23-3-2-23-3-important-security-release/. Sites are affected if there are WordPress users (i.e. people who can login) who can reach the back-end (i.e. wp-admin) dashboard (but we recommend everyone updates in any case).
    25. Automatic backups before updating a plugin, theme, or WP core were not working (regression in 1.23.1)
    26. A database backup couldn’t be taken from WP-Optimize and All-In-One Security (AIOS) (regression)
    27. An over-ride enforcing use of V4 signatures on Aliyuncs S3 storage was no longer working
    28. pCloud error handling in chunked uploading did not pass the error message up to the logging layer
    29. Backups started under WP-CLI could not backup the database only without any files
    30. Couldn’t add any file/directory inclusion for “Other” entity due to access to one directory up from the current (ABSPATH) isn’t permitted
    31. Atomic restore is not renaming a few tables when not restoring specific tables by using the filter updraftplus\_restore\_this\_table.
    32. Sometimes the “delete old directories” notice displayed even though the actual -old directory didn’t exist
    33. The restore point date time was incorrect in the restore screen when restoring the incremental backup, and the WordPress site has a non-GMT timezone set.
98 Tweaks

SO many tweaks through the year. They all add up to improve your WordPress backup and migration experience:

 

    1. Changed updraftvault links functionality to open in different tab
    2. Clarify significance of warnings in report emails
    3. Make the news-consent’s layer fit with the confirmation text thus removing empty space that can reveal some of the UpdraftPlus news
    4. Declare a shim “php_uname” function when it’s found to be undefined to prevent a fatal error in the phpseclib library (which calls it)
    5. Remove unused “migrator-lite.php” string during search and replace operations
    6. Replace remaining hardcoded text domain with UPDRAFTCENTRAL_TEXT_DOMAIN placeholder within the central folder
    7. LiteSpeed admin dashboard warning is now displayed upon completion of migration on the destination site, even after dismissing the message on the source site.
    8. Do not show UpdraftPlus news in the WordPress events and news widget section without first gaining user consent
    9. Change order of checks when seeing if cPanel is present/accessible for asking about disk quota in order to prevent unwanted an PHP notice when safe_mode is active
    10. Prevent potential fatal error if something has modified an updates check’s ‘translation’ property to be invalid before passing on to UpdraftPlus
    11. Update bundled cacert.pem file
    12. Replace Javascript onchange event with oninput event to detect changes made for HTML <input> tags on the settings page, also to add <textarea> to the event handler so that unsaved changes can be detected
    13. Update phpseclib library from version 1 to 2. As previously advised, this also means that these features (Database Encryption, Dropbox & SFTP/SCP remote storage, and UpdraftCentral key creations) will no longer be available and can cause a fatal error when running on PHP 5.2
    14. Add a link to Trustpilot in the review prompt
    15. Added a warning message when the WP_HTTP_BLOCK_EXTERNAL is defined and set to true
    16. Added the “Copy to clipboard” button under the self-hosted central option
    17. File size is shown when pressing on the backup entity
    18. Fix the restore dialog to not display “plugins” checkbox when only there’s “mu-plugins” entity
    19. Fixed PHP 8.2 deprecation messages caused by a null value being passed to the rtrim() function
    20. Resolve PHP deprecations for the dynamic property access by declaring the variables in the class
    21. Includes the plugin.php file path if “get_mu_plugins” function does not exist.
    22. Provide default options for function UpdraftPlus::backup_all()
    23. Add and call the litespeed\_finish\_request() function to ensure the HTTP connection made from the browser gets closed immediately without having to wait the process to complete thus leaving it run in the background
    24. Ensure no PHP “Class not found” is showing up during credentials testing
    25. Add type checking in UpdraftPlus::handle_url_actions() to prevent plugin conflicts causing PHP errors on PHP 8+
    26. New S3 signature version setting is added to the S3-Compatible (Generic) configuration form, giving an opportunity for the user to choose which signature version to use (SigV2 or SigV4)
    27. Enable PHP 8.3 (see: https://stitcher.io/blog/new-in-php-83) support in UpdraftClone
    28. Adjust fread() sizes for better performance when uploading an archive via the widget
    29. Define class properties in UpdraftPlus_Addons_Migrator class for PHP 8.2 compatibility
    30. Add a warning in the log file if AWS connection fails and a TLSv1.2 connection test fails
    31. Add warning for user if only PclZip available
    32. Fix unable to switch tab when a plugin (wrongly) loads certain CSS onto UD’s settings page
    33. Remove the word ‘apparently’ in the backup success message
    34. Update to latest phpseclib 1.0.X version (prevents deprecation notice on PHP 8.1+)
    35. Change “s3” property to “public” in UpdraftPlus_AWSRequest class for PHP 8.2 deprecation compatibility [https://source.updraftplus.com/team-updraft/updraftplus/-/merge_requests/1481]
    36. Fixed Missing/ broken links for the pCloud image in addons tab
    37. Buying UpdraftClone tokens through inline checkout
    38. Fixed Spelling errors in updraftplus repo
    39. Added save button at the top of setting tab content
    40. UpdraftCentral module now, by default, overwrites the same existing theme installed on the remote sites (if any), regardless of what version is currently installed or what version being uploaded and installed
    41. Define class properties in Updraft_Checkout_Embed class for PHP 8.2 deprecation compatibility
    42. Update the composer package yahnis-elsts/plugin-update-checker for PHP 8.2 compatibility
    43. Added username and email details for authenticated dropbox account in updraftplus settings
    44. Split sentences to make one sentence in any translation functions
    45. Fixed Missing/ broken links for the pCloud image in addons tab
    46. Buying UpdraftClone tokens through inline checkout
    47. Prevent PHP warning during some migrations when no table list provided
    48. Remove the incremental dropdown on incremental backup restore when the user selects only the database to restore
    49. Validate SFTP key field on credential test and before save
    50. Remove the unused UpdraftPlus_S3::getHttpUploadPostParams() method
    51. Attempt to workaround some web hosts’ opcode cache producing incorrect error upon upgrade
    52. COMPATIBILITY: Fix pCloud deprecated warning in PHP 8.2
    53. COMPATIBILITY: Fix Google Cloud deprecated warning in PHP 8.2
    54. COMPATIBILITY: Fix Google Drive deprecated warning in PHP 8.2
    55. Fixed issue with cron jobs not clearing after wiping settings
    56. Added link to WP-Optimize in the database size tab in the advanced tools
    57. COMPATIBILITY: Suppress htmlspecialchars deprecation warnings on PHP 8.1
    58. COMPATIBILITY: Suppress some PHP 8.2 deprecation notices from use of ${} style variables, and others from use of dynamic properties
    59. Handle web hosting company setup that disabled pclose() but not popen()
    60. All HTTP requests to the Google Drive API now, by default, forces to use HTTP/1.1 version. Also, a constant named UPDRAFTPLUS_GDRIVE_CURL_HTTP_VERSION can be set in the wp-config.php file to change the default HTTP version to another preferred version
    61. Improve ‘move’ and ‘copy’ filesystem functions in restoring directories containing files to a different mount point/partition than where they reside
    62. Improve files pruning mechanism, by not repeating already-done ones when resuming deletions
    63. Improve the Handlebars templates of the Google Drive, Dropbox and UpdraftVault remote storage modules by taking PHP code out of them
    64. Improve widget layout when decrypting a backup
    65. Remove Bootstrap CSS in Restore Wizard and replace with Flexbox CSS
    66. Add multisite subsites header information to the database backup file that will be used for converting a network subsite to a standalone normal WordPress site
    67. Add the UpdraftPlus plugin slug header to the database backup file
    68. Include next-level-up directory path along with deleted folder’s name when deleting a folder
    69. Update seasonal notices
    70. Make common logic for getting backup history from the database
    71. Remove usage of the file_get_contents() function from WebDAV remote storage without chunking upload
    72. Pass through some previously unhandled Dropbox error codes
    73. Added the “non-core” word to the WordPress database tables excluded warning.
    74. Remove WordPress core tables from the non-core WordPress database tables excluded list in restoration step 2
    75. When migrating the www site, the search replace will be performed in database tables on the non-www domain too, and vice versa
    76. Add a user capabilities check when downloading a backup (this is not believed to have any security implications, as the download operation already requires knowledge of a further nonce that there is no mechanism for a non-administrator to obtain).
    77. Improve the Handlebars template of the UpdraftVault remote storage by taking PHP code out of it
    78. Prevent making a nonce available to logged-in users who could not manage UpdraftPlus (this did not give access to any unauthorised actions)
    79. Improve the Handlebars template of the UpdraftVault remote storage by taking PHP code out of it
    80. Improve the Handlebars template of the pCloud remote storage by taking PHP code out of it
    81. Improve manual rescanning and deletion of backup sets by setting up a time limit to a value defined in UPDRAFTPLUS_SET_TIME_LIMIT constant to minimise chances of getting fatal error (maximum execution time exceeded)
    82. Add a filter updraftplus_mysqldump_arguments to allow changing of arguments passed to the mysqldump binary when that is being used
    83. Include PHP version in default S3 user agent to aid debugging
    84. Disable Gravatar on UpdraftClone
    85. Cleanup .list.tmp files when a cloud backup completes
    86. Use the function that lists our own cron schedules to simplify the way backup intervals are prepared and to avoid schedules mismatch
    87. Improve manual deletion of backup sets by setting up a time limit to a value defined in UPDRAFTPLUS_SET_TIME_LIMIT constant to minimise chances of getting fatal error (maximum execution time exceeded)
    88. Improve the Handlebars template of the S3-Compatible (Generic) remote storage by taking PHP code out of it
    89. Increase max_recursion value to 20 in class-search-replace.php
    90. Add a new function that lists our own cron schedules so that it can later be used as schedules sorting purpose also as a main source from which our schedules list is originated
    91. Display Google drive email address along with account holder name
    92. Fixed WebDAV PHP 8.1+ deprecated warnings
    93. Updated text message displayed on Web Server – Localhost UC Dashboard Key Creation.
    94. Use nonce in every part of a restoration process to prevent direct access that has allows an unwanted log file to be begun. On sites running on end-of-lifed PHP versions (<8.0) it was possible to read the beginning of the log file, causing an unintended information disclosure about the server environment, e.g. Apache version, PHP version and available memory (but current PHP versions are not vulnerable).
    95. Use nonce when starting a new restoration and strengthen the continuation process to prevent direct access that has the potential of being file and/or log abuse
    96. Improve the WebDAV storage module API in regard to the way it handles uploading and writing files
    97. Replace the word “Directory” with “Folder” in UI notices
    98. UpdraftVault: select storage class intelligently