Managed backup restoration failed

I'm getting the "Restoration failed" when I'm trying to restore the managed backup. In the Snapshot logs I see the following error:
[Warning] Unable to extract manifest.

  • Kasia Swiderska
    • Support nomad

    Hello xavier_lebrun4,

    I'm sorry to hear that this is not working correctly for you.

    I can see that you haven't given us access to your sites to check the issue. I will need them to test backup

    Note: Don't leave your login details in this ticket.
    Instead, you can send us your details using our contact form https://premium.wpmudev.org/contact/#i-have-a-different-question and the template below:

    Subject: "Attn: Kasia Swiderska"
    - Site login URL
    - WordPress admin username
    - WordPress admin password
    - FTP credentials (host/username/password)
    - Folder path to site in question
    - Link back to this thread for reference
    - Any other relevant urls/info

    IMPORTANT: Please make sure you select "I have a different question" for your topic, so it doesn't go back to the forums - this and the subject line ensure that it gets assigned to me.

    Please confirm here that you send those credentials

    kind regards,
    Kasia

  • Kasia Swiderska
    • Support nomad

    Hello xavier_lebrun4,

    Thanks for sending those creds, I was testing your Managed Backup and seems that there is an issue with that your WordPress is installed in own directory.
    When I tested on the localhost error I got was that wp-config.php is not in the zip file. However it is there, but in a subfolder, so it looks like script can't find it.
    I'm checking with developers now how can we restore this type of installation and as soon they will let me know, I will update thread.

    kind regards,
    Kasia

  • Kasia Swiderska
    • Support nomad

    Hello xavier_lebrun4,

    We are still working on your site backup, because there is something wrong with the file.
    I started by checking files and I found some suspicious code in one of the files. Can you tell me if your site was hacked recently? Because if yes, then it looks like the 18th August backup is corrupted/infected.
    I did check all older backups on your site and all of them has the same code inside index.php - and that mean site was hacked before 30th June.
    Do you have any other backups somewhere else even before that day?

    kind regards,
    Kasia

  • Kasia Swiderska
    • Support nomad

    Hello xavier_lebrun4,

    We can try to restore those (even manually) but are you sure you want to do that? Because if you see that your site was hacked ALL your backups have the same infected files. So even we will restore that backup from 18th it will not change anything regarding the infection, because the infected file is there. I downloaded all the backups and checked that file - code from infection is in all of them.

    kind regards,
    Kasia

  • Kasia Swiderska
    • Support nomad

    Hello xavier_lebrun4,

    I'm terribly sorry for the delay on my end. To restore database I will need access to PHPMyAdmin on your server - I need that so I can upload tables from backup to Database.
    I have FTP access, so I can upload files - but I need a place to upload also tables.
    Please send the same way as FTP credentials URL to PHPMyAdmin.

    Another thing is that the manual restoring process is quite long - at some moment I will need to delete tables and upload ones from backup one by one. The site won't be working correctly for that time.

    if you can tell me what code appeared wrong
    that would help

    Inside index.php in the root directory of your site (so not in /site/) in index.php there is code:

    I have asked the developer about it and it is potentially harming users of Internet Exproler browser.

    is there a way in your service to store backups over a longuer time ?

    At the moment there is no option for storing for a longer time, I'm afraid.

    kind regards,
    Kasia

  • Kasia Swiderska
    • Support nomad

    Hello xavier_lebrun4,

    The reason why Defender didn't found that code is because this file is not where the WordPress installation is. Defender scans files inside the directory where WordPress is installed (so where wp-config.php file is) - it doesn't scan files in directories above that.
    Your index.php was copied from root directory to upper one, so Defender could not scan it at all (it doesn't have access to that file).

    I see that it is an issue for the WordPress installations like yours and I have brought this subject to our developers and I'm waiting for their feedback on this - if there is a way to make Defender be able to recognize this type of installations and act on that.

    I will keep you posted.

    kind regards,
    Kasia

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.