Blog Post

Handling encryption in backups

On of the things I want to do with backups is to add encryption of files inside the archive, mainly database and some of source files at least. But, web servers and PHP is not really well suited to handle any type of encryption due to complexity and limited resources for such operations.

I am looking into different solutions for encryption, and as it looks now, PHP mcrypt extension  is best solution of this. Problem is that servers can be set up without this extension installed. Other solutions are much slower than mcrypt that on its own is slow already. Tests I did show that the even the simplest encryption can slow the process 20 or more times. Also, encrypting a single file requires memory, so that also limits the amount of data PHP can handle for this.  Problem with encryption in PHP is that must be in memory operation. If you need to encrypt the file, that file must be loaded, encrypted and saved. There are no stream based functions, partial encodings and things like that in PHP. Also, in most cases PHP can be assigned maximum of 256MB of RAM, new servers, new PHP versions allow up to 4GB (as far as I know).

At this point I am thinking of encrypting database data. Encrypting PHP files can be pretty pointless, since most of the installation is WordPress, themes and plugins that don’t hold anything worth encoding. And to encode uploaded files, images, videos and things like that will be very complex to do and again, limiting by the size.

To encrypt database data there are few approaches to it. If the backup is done using mySQL dump, only way to make encryption is to encrypt the database file. But, to do that, file must be smaller than 100MB (with GZIP that can be achieved). 100MB GZIP SQL file can hold typically up to 500 MB database. So, big websites can’t use this method. For instance, Dev4Press website right now has 100MB database, packed in under 15 MB GZIP. The whole file is encrypted after backup. If database backup is made using SQL functions in plugin, encryption can be done same way as described before on the completed file. But, also, I can attempt to encrypt parts of the data before writing them into file. This will be very complicated to do, but it is doable.

Encrypting files can be done also, but the more files to encrypt, the slower the backup process will be. Dev4Press website, full backup takes about 3 minutes to backup everything (500 MB). From encryption tests I did, for 100% encryption this can take up to an hour or even more, with also high CPU usage during this period, and that can leave your website unresponsive.

So, what to do? I am open to suggestions on how to handle encryption for backups. If you have examples on how to handle large file encryption, tips on how to do it, or suggestions on what to encrypt, how to go around PHP limitations, please leave comments, or contact me directly if needed.

Please wait...

About the author

Milan Petrovic
Milan Petrovic

CEO and Lead developer of Dev4Press Web Development company, working with WordPress since 2008, first as a freelancer, later founding own development company. Author of more than 250 plugins and more than 20 themes.

Subscribe to Dev4Press Newsletter

Get the latest announcements, release digests, promotions and exclusive discounts, and general Dev4Press-related news straight into your mailbox.

This form collects your email (optionally your name) for the purpose of sending you newsletters. Check out our Privacy Policy for more information on how we store and manage your data. We will not send you any spam. Newsletters are sent 2 to 4 times every month.

Latest From The Blog

license management

License Code Validation and Management

Dev4Press License validation system updates will soon be deployed, including license code management via the Dev4Press Account Dashboard. All updates will be deployed on April 14, 2024.
panel options

In Development: SweepPress Pro 5.0 and Lite 3.0

In about two weeks, brand new, significant updates to SweepPress Pro and Lite plugins will be released, bringing several game-changing features to WordPress cleanup and maintenance tools already included.

GD Press Tools Pro 6.3

The new major release for GD Press Tools Pro, version 6.2 is here, and it brings some major changes. First of all, the plugin has two addons less, one addon is added and one more addon has been deprecated (but still included for now).

Grammarly - Number 1 Writing App
WP Rocket - Make WordPress Load Fast in a Few Clicks