WordPress Move – Requesting Feedback
I am writing this because we decided that we should consider others’ opinions as well since what I want your opinion about is security-related.
So basically, my plugin will be uploading archived files to the new server the user wants to migrate to. To reduce the amount of abuse, we can use different types of security measures. The best way I can think of is the method written below. It prevents uploading files right at the beginning and uses a passcode defined by the user which should be set the same in both installations.
My Method: The current installation passes hashed form of the passcode to the remote file authorize.php which compares it with the passcode stored on the new installation. If they match, it gives writing permission to the directory called backup which contains archived files that are going to be processed during the importing process. When the upload completes, the current installation passes the hashed form of the passcode again but this time to return directory permissions back to normal again.
If you have any idea how I can develop it even further or if you have an even better idea, please share it. All kinds of feedback is much appreciated!
Thanks in advance…