Backup Types
Understand the different backup types in SafeGuard, how incremental detection works, and which strategy fits your WordPress site.
Overview
SafeGuard supports several backup types so you can balance speed, storage usage, and coverage for your specific needs.
| Type | Files | Database | Speed | Storage | Best for |
|---|---|---|---|---|---|
| Full | All | Yes | Slowest | Largest | Initial backup, before major updates |
| Incremental | Changed only | Yes | Fastest | Smallest | Daily scheduled backups |
| Database Only | None | Yes | Very fast | Very small | Before DB migrations, quick snapshots |
| Files Only | All | No | Medium | Large | Theme/plugin development |
| Selective | Chosen items | Chosen tables | Varies | Varies | Targeted backups of specific components |
Full Backup
A full backup captures your entire WordPress installation: all files (core, themes, plugins, uploads) plus the complete database. It serves as the baseline that incremental backups build on.
Navigate to SafeGuard → Backups, click Run Backup Now, and select Full as the backup type.
wp safeguard backup run --type=fullWhen to use
- First backup on a new site
- Before major updates (WordPress core, WooCommerce, or theme upgrades)
- Before migrations to a new host or domain
- Periodically to refresh the incremental chain (SafeGuard can do this automatically)
What to expect
| Site size | Typical duration | Typical archive size |
|---|---|---|
| Small blog (< 500 MB) | 10-30 seconds | 200-400 MB |
| Medium site (1-3 GB) | 30-90 seconds | 500 MB - 2 GB |
| Large WooCommerce (5+ GB) | 2-5 minutes | 2-5 GB |
SafeGuard uses a high-performance export pipeline with resumable execution. On shared hosting with a 30-second PHP timeout, large backups automatically pause and resume across multiple execution bursts without losing progress.
Incremental Backup
Incremental backups only include files that have changed since the last full backup, plus a fresh database export. This makes them dramatically faster and smaller than full backups.
Navigate to SafeGuard → Backups, click Run Backup Now, and select Incremental. If no full backup exists or the existing one is stale, SafeGuard automatically creates a full backup first, then chains the incremental backup.
wp safeguard backup run --type=incrementalHow change detection works
SafeGuard offers four detection tiers with increasing thoroughness. You can configure the mode under SafeGuard → Settings → Incremental.
| Tier | Name | Method | Overhead | Recommended for |
|---|---|---|---|---|
| 1 | Standard | Timestamp comparison | None | Most sites |
| 2 | Enhanced | Timestamp + file size | Low | Sites using rsync or deploy tools |
| 3 | Secure | Timestamp + size + hash (critical files) | Medium | WooCommerce, membership sites |
| 4 | Paranoid | Timestamp + size + hash (all files) | High | High-security or compliance sites |
Standard compares each file's modification time against the parent backup timestamp. Any file with a newer mtime is included.
Enhanced adds a size index check so that files whose timestamps were reset (common with rsync without -t) are still caught if their size changed.
Secure adds MD5 hash verification for critical files (core WordPress files, wp-config.php, plugin entry files) even when timestamp and size match. This catches sophisticated tampering.
Paranoid hashes every file on disk, catching any modification regardless of how timestamps or sizes were manipulated.
SafeGuard automatically recommends a detection mode based on your installed plugins. WooCommerce and membership sites get Secure by default; sites with .git directories get Enhanced; all others default to Standard.
Incremental chains
Incremental backups form a chain: one full backup followed by a series of incrementals that reference it. Each incremental records a complete manifest of all files (changed and unchanged) so the restorer knows the full state of the site at that point in time.
Auto-full triggers — SafeGuard automatically starts a fresh full backup when:
- No completed full backup exists
- The parent full backup file is missing from disk
- The full backup is older than the configured threshold (default: 14 days, configurable to 7, 14, 30, or 60 days via
autoFullFrequencyDays)
You can also set a maximum chain length (3, 5, 10, 15, or unlimited) to force a new full backup after a certain number of incrementals. Shorter chains restore faster; longer chains save more storage.
Deletion detection
During restore, SafeGuard uses the incremental manifest to identify files that existed in the full backup but are absent from the latest incremental manifest. These files are moved to a quarantine directory rather than immediately deleted, with a panic threshold that aborts pruning if too many files would be affected.
A Bloom filter (a space-efficient probabilistic data structure) is generated during backup to accelerate deletion lookups during restore. At ~360 KB for 300,000 files with a 1% false positive rate, it allows constant-time membership checks without loading the entire manifest into memory.
Database-Only Backup
A database-only backup exports all WordPress database tables without touching the filesystem. The result is a single SQL file inside a compressed archive.
Navigate to SafeGuard → Backups, click Run Backup Now, and select Database Only.
wp safeguard backup run --type=databaseWhen to use
- Before running database migrations or schema changes
- Before WooCommerce updates that modify order tables
- Quick daily snapshots of content, settings, and user data
- Before bulk editing posts, products, or user metadata
A database-only backup does not protect your theme files, plugin code, or uploaded media. Pair it with periodic full backups for complete coverage.
Files-Only Backup
A files-only backup captures the entire WordPress filesystem (themes, plugins, uploads, and core files) without exporting the database. This is useful when your database is managed separately or you only need to protect file changes.
Navigate to SafeGuard → Backups, click Run Backup Now, and select Files Only.
wp safeguard backup run --type=filesWhen to use
- Theme or plugin development where code changes frequently but database rarely changes
- Sites with externally managed databases (e.g., Amazon RDS with its own backup schedule)
- Large media libraries that need offsite copies without the overhead of a database export
Selective Backup
Selective backups let you choose exactly which components to include: specific plugins, themes, the uploads directory, or individual database tables. SafeGuard provides a tree browser in the UI where you can check or uncheck items.
Navigate to SafeGuard → Backups, click Run Backup Now, select Selective, then use the tree browser to check the plugins, themes, uploads directories, and database tables you want to include.
# Back up specific paths and tables
wp safeguard backup run --type=selective \
--include-paths="wp-content/plugins/woocommerce,wp-content/themes/storefront" \
--include-tables="wp_wc_orders,wp_wc_order_items"When to use
- Single plugin or theme updates where you only need to protect that component
- WooCommerce-specific backups targeting order tables and product uploads
- Agency workflows where different team members own different site components
Backup Contents
What is included
By default, a full or files backup scans everything under the WordPress root directory:
- WordPress core files (
wp-admin/,wp-includes/, root PHP files) - Themes (
wp-content/themes/) - Plugins (
wp-content/plugins/) - Uploads (
wp-content/uploads/) - Must-use plugins (
wp-content/mu-plugins/) - Drop-ins (
wp-content/root PHP files likeobject-cache.php) - Custom wp-content directories (even when
WP_CONTENT_DIRis outsideABSPATH)
Auto-exclusions
SafeGuard automatically excludes files and directories that should never be part of a backup:
| Exclusion | Reason |
|---|---|
.git/ | Version control history, often very large |
node_modules/ | Package manager dependencies, easily reinstalled |
.env | Environment secrets |
wp-config.php | Contains database credentials (excluded for security) |
safeguard-backups/ | SafeGuard's own backup directory |
safeguard-cache/ | SafeGuard's cache directory |
updraft/ | UpdraftPlus backup directory |
backupbuddy_backups/ | BackupBuddy backup directory |
ai1wm-backups/ | All-in-One WP Migration backup directory |
wpvivid/ | WPvivid backup directory |
backwpup-* | BackWPup backup directories |
duplicator/ | Duplicator backup directory |
Custom exclusions
You can add your own exclusion patterns under SafeGuard → Settings → Advanced → Exclusions. These support directory paths and pattern matching.
Compression
SafeGuard compresses backup archives using the ZIP format with configurable compression levels.
| Level | Deflate level | Speed | Size reduction | Best for |
|---|---|---|---|---|
| None | Store (0) | Fastest | 0% | Already-compressed content (media-heavy sites) |
| Low | 1 | Very fast | ~40-50% | Shared hosting with limited CPU |
| Medium | 5 | Balanced | ~55-65% | General-purpose default |
| Standard | 6 | Balanced | ~60-70% | Default setting |
| High | 7 | Slower | ~65-75% | Storage-constrained environments |
| Maximum | 9 | Slowest | ~70-80% | Minimum archive size, maximum CPU usage |
SafeGuard automatically skips compression for files that are already compressed (JPEG, PNG, WebP, MP4, MP3, ZIP, GZ, PDF, WOFF2, and more). These files are stored as-is inside the archive, avoiding wasted CPU cycles for negligible size reduction.
Configure the compression level under SafeGuard → Settings → General → Compression Level.
Split Archives
When a backup exceeds the maximum archive size, SafeGuard automatically splits it into multiple parts. Each part is a valid ZIP file that can be individually uploaded to your storage provider.
The default maximum archive size is 2 GB, configurable under SafeGuard → Settings → General → Maximum Backup Size. You can set this to 500 MB, 1 GB, 2 GB, or unlimited.
Split archives are useful for:
- Storage providers with upload size limits (some providers cap individual file uploads)
- Shared hosting with memory constraints (smaller archives require less memory to create)
- Unreliable network connections (smaller files are easier to retry on upload failure)
During restore, SafeGuard automatically reassembles split archives in the correct order.
Best Practices
Personal blog or portfolio
| Schedule | Type | Frequency | Retention |
|---|---|---|---|
| Primary | Incremental | Daily | 30 backups |
| Baseline | Full (auto) | Every 14 days | 4 backups |
A daily incremental catches content changes. The auto-full refresh every two weeks keeps chain lengths manageable.
WooCommerce store
| Schedule | Type | Frequency | Retention |
|---|---|---|---|
| Orders | Database only | Every 4 hours | 42 backups (7 days) |
| Primary | Incremental | Daily | 30 backups |
| Baseline | Full (auto) | Every 7 days | 8 backups |
Frequent database backups protect order data. Set the detection mode to Secure so critical files are hash-verified on each incremental.
Agency managing multiple sites
| Schedule | Type | Frequency | Retention |
|---|---|---|---|
| Primary | Incremental | Daily | 14 backups |
| Baseline | Full (auto) | Every 7 days | 4 backups |
| Pre-deploy | Full (manual) | Before each deploy | 2 backups |
Short incremental chains (max chain length of 5) ensure fast restores. Run a manual full backup before each client deploy for a clean rollback point.
Membership or LMS site
| Schedule | Type | Frequency | Retention |
|---|---|---|---|
| User data | Database only | Every 2 hours | 84 backups (7 days) |
| Primary | Incremental | Daily | 30 backups |
| Baseline | Full (auto) | Every 7 days | 8 backups |
Frequent database snapshots protect user progress, enrollments, and payment records. Use Secure detection mode to hash-verify critical plugin files.
All backup types support multiple storage destinations. Send your primary backups to Amazon S3 for durability and keep a secondary copy on Dropbox or Google Drive for easy access. See Storage Providers for setup instructions.