I have been using wordpress as my blogging engine for quite some time. To ensure that I can recover my blog in the event of a disaster (a good example would be a server catching on fire), I take weekly backups of the MySQL database that stores my posts and the wordpress configuration.Since the wordpress backups are relatively small, I typically use mysqldump to extract the data from the MySQL database, and openssl to encrypt the data. This allows me to email my backup to a remote location, and ensures that prying eyes cannot view any data that might be sensitive. To accomplish this, I use the following shell script:
#!/bin/bash
export PATH=/usr/bin:/usr/sfw/bin
DBNAME="dbname"
DBPASS="password"
DBUSER="dbuser"
EMAIL=admin@something.com"
SYMMETRICKEY="SOMESECUREWPASSWORD"
mysqldump --opt -u ${DBUSER} -p${DBPASS} ${DBNAME} wp_categories
wp_comments wp_linkcategories wp_links wp_options
wp_post2cat wp_postmeta wp_posts wp_usermeta wp_users
| /home/apps/bin/openssl bf -e -a -k ${SYMMETRICKEY}
| mailx -vv -s "Wordpress backup (`/bin/date`)" ${EMAIL}
This solution has worked well for me for the past two years, and I have never had a problem running openssl with the “-d” (decrypt data) option to decrypt the data that openssl’s “-e” (encrypt data) option produces. I reckon I should probably add “START PAYLOAD” and “END PAYLOAD” strings to the output to ensure that the data made it to the destination in one piece.