For websites using a content management system (CMS), backing up the database is crucial. In fact, database content such as posts, comments, and users is often more important to website owners than the file content (e.g. themes and plugins). That’s why CodeGuard now automatically detects and adds databases for websites built with WordPress, Drupal, and Joomla.
After adding a website, we scan the selected root directory for files that help us identify the site as a CMS. We then parse out the relevant connection settings from the database configuration file (e.g. wp_config.php for WordPress). If we can connect with these settings, we add the database to CodeGuard without any further setup. No more searching through handwritten notes, emails, or password managers for the right credentials to use! We’ll detect them automatically!
Optimizing for speed
Scanning a whole website for database credentials takes time, and users don’t like loading bars that move too slowly. When implementing this feature we had to decide how much time to spend analyzing websites and testing connections before displaying some results. In the end, we opted for speed, deciding to keep our users waiting as little as possible. We only check for database configuration files in their typical locations, and we only attempt to connect to databases directly. This covers the most common configurations, and keeps the setup process quick and painless.
Another hurdle we faced while building this feature was determining the best way to extract the relevant configuration settings from the various PHP files used by each CMS. Some content management systems hold their settings in global variables, others constants, and some even use an associative array. We needed a solution that could handle each of these cases while also avoiding pulling settings from comment blocks.
One option would have been to load the configuration files into PHP and then output the relevant variables. Evaluating arbitrary PHP, however, is not the best idea. Instead, we created a small library of regular expressions to pull out just the information we need. Although it’s not a perfect solution, this allows us to extract the right information in nearly every scenario, with relatively little risk compared to other strategies.
In the event that we cannot open a direct connection to a database, we could still save time in the addition process by pre-populating the database addition form with detected settings. Users would then only need to add the missing information.
Right now the automatic database addition process is a one-time event. It happens only when a website is first connected to CodeGuard. In the future we may perform automatic database additions at other times as well. Checks performed after the first website backup would allow us to analyze websites entirely within our own optimized systems, which would be much faster and more thorough than searching through content during the configuration process, when accessing the data means traversing across the network. Continuously checking websites for new database settings would allow CodeGuard to automatically configure databases as they are created or updated.
Give it a try!
See the new automatic database addition process for yourself by adding a WordPress, Drupal, or Joomla site today! Feel free to send any feedback to [email protected]. We’d love to hear how your experience goes!