# WordPress Backups That Actually Restore — Data Safety · WPCloudLab

> How WPCloudLab keeps your site safe: backups verified byte-for-byte, weekly restore drills that scan for corruption, and a security-audited signed agent.

Canonical: https://wpcloudlab.com/security

data safety & security

# Backups that restore.  
Security you can audit.

The scariest moment in webcare is the restore that doesn’t work. So we don’t promise your data is safe — we prove it, on a schedule, and we audited our own pipeline to make sure.

[Get a free audit](/contact)[see plans & pricing →](/pricing)

Most “backups” are never tested until the day you need them. That’s the worst possible day to discover they don’t restore.

how we prove itbackups that restore

## A backup isn’t a backup until it restores.

### Verified byte-for-byte

After every backup, we don't just check that a file exists — we check that the bytes match. Binary and database columns are captured exactly, so a restore brings back precisely what you had: no truncated émojis, no mangled serialized data, no silently dropped rows.

### Weekly restore drills

Every week we take a real backup and restore it into an isolated scratch database, then scan the recovered data for corruption. If a backup can't restore cleanly, we find out on our schedule — not on the day your client's site is down.

### Fail loud, never silent

An empty or truncated dump is rejected, not uploaded. A backup that passes our checks is one we've proven is complete. The worst backup is the one you think you have but don't — so we refuse to pretend.

we audited ourselves

## We went hunting for the ways data quietly rots.

Most backup bugs never announce themselves — the dump looks valid, the file uploads, and the data is wrong. We ran a full data-fidelity audit of our own backup and restore path and found six ways WordPress data can silently corrupt. Then we fixed every one and added the checks that catch the next one.

-   01Percent-signs and URLs corrupted by WordPress's own escape layer — fixed
-   02Binary / BLOB data mangled through JSON transport — now hex-encoded, byte-exact
-   03Latin-1 characters lost on legacy sites — charset preserved end to end
-   04SQL comments inside content wrongly stripped on restore — fixed
-   05Real customer tables mistaken for cache and skipped — fixed
-   06Zero-byte files dropped from file backups — now recreated exactly

securityyour tool shouldn't be the risk

## Your maintenance tool shouldn’t be your biggest risk.

### Authenticated agent

The agent on your site talks to us over a per-site secret with HMAC-signed requests, a timestamp window, and single-use nonces. Nothing can impersonate your site or replay an old request.

### Signed control channel

Commands we send to your site are cryptographically signed and verified by the agent before they run. Even if the network between us were tampered with, a forged command is rejected.

### Encrypted, offsite, private

Backups are encrypted and stored offsite in a private Cloudflare R2 bucket. Downloads happen through short-lived, scoped links — never a public URL.

### Audited end to end

We ran a full security audit of the platform — injection, remote code execution, SSRF, secrets, dependencies and infrastructure — and fix what we find. Your maintenance tool shouldn't be your biggest risk.

questionsthe honest answers

## Straight answers.

Do you actually test that backups restore?

Yes. Every week we restore a real backup into an isolated database and scan the recovered data for corruption. Most services only check that a backup file was created; we check that it comes back intact.

What does “verified byte-for-byte” mean?

After each backup we confirm the captured data matches the source exactly — including binary columns and special characters that naive backups silently corrupt. A restore returns precisely what you had, not an approximation.

Where are my backups stored, and are they encrypted?

Encrypted and offsite in a private Cloudflare R2 bucket with 30-day retention. The bucket is never public; restores and downloads use short-lived, scoped links.

Could someone hijack the agent on my site?

The agent authenticates every request with a per-site secret, HMAC signatures, a timestamp window and single-use nonces, and it verifies that the commands it receives are cryptographically signed before running them. Replays and forged commands are rejected.

What happens if an update breaks my site?

Safe Updates screenshots your site before and after every update, desktop and mobile, and an AI reviews the difference. A real regression is caught — and rolled back — before your client ever sees it.

Can I get my data out, or cancel?

Any time. No contracts, no lock-in. Your backups are yours; ask and we hand them over.

free audit · 30 minutes · no card

## See exactly how safe your data really is.

Send us your URL. We’ll dig through it and come back with what’s at risk, whether your current backups would actually restore, and what we’d fix in week one. No pitch. Free.

[Start a free audit](/contact)info@wpcloudlab.com

---

Get started: https://wpcloudlab.com/signup · Talk to an engineer: https://wpcloudlab.com/contact · Full agent index: https://wpcloudlab.com/llms.txt
