A must read when using the site-sift directory script! Security flaw, everbody using the site-sift script please update this file: admin/backup/index.php Add at the beginning of this file this code: <? require_once('../access_check.php'); ?> PHP: It's very important to update this file. ALERT! Also remove the datadump.sql from the admin/backup folder, because it's there waiting to be downloaded. For more questions about this go here: http://forum.site-sift.com/thread878.html
Please see discussion here: http://forum.site-sift.com/thread878.html Regarding admin/backup/index.php... Good tip, but really not necessary as access is denied after either of the buttons are clicked from those who are not logged in as admin. Regarding datadump.sql, another option: (unix/linux servers)... create a file called .htaccess with the text: <Files *.sql> Order Deny,Allow Deny from all </Files> Save and upload this file to admin/backup/ folder. This will prevent the file datadump.sql from being visible via http requests, you will need to download it via ftp instead. The downloads have been patched resolving both issues.