Back up WordPress to Filebase
A WordPress backup is two pieces: the files (the WP install plus uploads) and the database (one MySQL database).
All-in-one cron job
/usr/local/bin/wp-backup.sh
#!/bin/bash
set -euo pipefail
WP_DIR="/var/www/html"
BUCKET="my-wp-backups"
DATE=$(date +%Y%m%d-%H%M%S)
export AWS_ACCESS_KEY_ID="$FILEBASE_KEY"
export AWS_SECRET_ACCESS_KEY="$FILEBASE_SECRET"
# Read DB credentials from wp-config.php
DB_NAME=$(grep DB_NAME "$WP_DIR/wp-config.php" | cut -d "'" -f 4)
DB_USER=$(grep DB_USER "$WP_DIR/wp-config.php" | cut -d "'" -f 4)
DB_PASS=$(grep DB_PASSWORD "$WP_DIR/wp-config.php" | cut -d "'" -f 4)
DB_HOST=$(grep DB_HOST "$WP_DIR/wp-config.php" | cut -d "'" -f 4)
# Database dump
mysqldump --single-transaction --quick \
-h "$DB_HOST" -u "$DB_USER" -p"$DB_PASS" "$DB_NAME" \
| gzip -9 \
| aws --endpoint https://s3.filebase.io s3 cp - \
"s3://${BUCKET}/db/${DB_NAME}-${DATE}.sql.gz"
# Files (incremental sync — only changed/new files transfer)
aws --endpoint https://s3.filebase.io s3 sync "$WP_DIR" \
"s3://${BUCKET}/files/${DATE}/" \
--exclude "wp-config.php" \
--exclude ".htaccess"
# wp-config.php and .htaccess separately, encrypted via age
age --recipient "$(cat /etc/age.pub)" "$WP_DIR/wp-config.php" \
| aws --endpoint https://s3.filebase.io s3 cp - \
"s3://${BUCKET}/secrets/${DATE}/wp-config.php.age"
Excluding wp-config.php from the bulk file sync keeps DB credentials out of the broad bucket. Encrypt them separately with age.
Schedule with cron
0 4 * * * www-data /usr/local/bin/wp-backup.sh >> /var/log/wp-backup.log 2>&1
WP-side plugin alternative
If you'd rather not write shell scripts, UpdraftPlus, BackWPup, or Duplicator all support S3-compatible destinations. Configure them with:
| Field | Value |
|---|---|
| S3 endpoint | https://s3.filebase.io |
| Region | auto |
| Access key | Your Filebase access key |
| Secret key | Your Filebase secret key |
| Bucket | Your Filebase bucket |
Most plugins have a "Use Path-Style URLs" toggle — turn it on.
Restore
For a manual restore:
- Pull the latest database dump:
aws --endpoint https://s3.filebase.io s3 cp \s3://my-wp-backups/db/wordpress-20260501.sql.gz - | gunzip > restore.sqlmysql -u root -p wordpress < restore.sql
- Pull the latest files:
aws --endpoint https://s3.filebase.io s3 sync \s3://my-wp-backups/files/20260501-040000/ /var/www/html/
- Decrypt and restore the secrets:
aws --endpoint https://s3.filebase.io s3 cp \s3://my-wp-backups/secrets/20260501-040000/wp-config.php.age - \| age --decrypt --identity /etc/age.key > /var/www/html/wp-config.php
What's next
- MySQL backup
- restic — for general server backups
- JetBackup — cPanel-integrated alternative