Hosting Compatibility
Hosting provider compatibility, system requirements, and settings to ensure SafeGuard runs reliably on any WordPress host.
System Requirements
SafeGuard requires PHP 7.4+ and WordPress 5.8+ at minimum. We strongly recommend PHP 8.1+ and WordPress 6.0+ for the best performance and security.
| Requirement | Minimum | Recommended |
|---|---|---|
| WordPress | 5.8+ | 6.0+ |
| PHP | 7.4+ | 8.1+ |
| Memory limit | 64 MB | 128 MB |
| Max execution time | 30 seconds | 120 seconds |
| Disk space | 2x site size | 3x site size |
Required PHP Extensions
SafeGuard relies on the following PHP extensions. Most hosts have these enabled by default:
- zip — creating and extracting backup archives
- curl — communicating with remote storage providers
- json — REST API and configuration handling
- mbstring — multibyte string handling for database exports
You can verify these are installed by navigating to SafeGuard → Settings → System Info after activation, or by running:
wp safeguard statusHosting Compatibility Table
The table below summarizes compatibility across the most popular WordPress hosting providers. SafeGuard works on the vast majority of hosts out of the box.
| Host | Status | Notes |
|---|---|---|
| SiteGround | Fully compatible | No special configuration needed |
| Bluehost | Fully compatible | No special configuration needed |
| DigitalOcean | Fully compatible | Full server control |
| Linode / Akamai | Fully compatible | Full server control |
| Vultr | Fully compatible | Full server control |
| Cloudways | Fully compatible | No special configuration needed |
| RunCloud | Fully compatible | No special configuration needed |
| GridPane | Fully compatible | No special configuration needed |
| SpinupWP | Fully compatible | No special configuration needed |
| Hetzner | Fully compatible | Full server control |
| WP Engine | Compatible with notes | Disable loopback in settings; see details below |
| Kinsta | Compatible with notes | Limited cron; Action Scheduler handles this automatically |
| GoDaddy | Compatible with notes | PHP memory limits may need adjustment |
| Flywheel | Compatible with notes | File permission restrictions; see details below |
| Pantheon | Compatible with notes | Non-standard filesystem; see details below |
| VPS / Dedicated | Fully compatible | Full control over all server settings |
Managed WordPress Hosts
Managed WordPress hosts offer great performance but sometimes restrict server-level features that backup plugins depend on. SafeGuard is designed to work around these restrictions with minimal configuration.
Shared Hosting
Shared hosting environments impose the tightest resource limits. SafeGuard is built to handle these constraints, but you may need to adjust settings for the best experience.
On shared hosting, always use incremental backups for sites larger than 500 MB. Full backups on resource-constrained hosts can exceed memory or execution time limits.
Common Limitations
| Limitation | Typical value | How SafeGuard handles it |
|---|---|---|
| PHP memory limit | 64–128 MB | Streams data in chunks instead of loading entire files into memory |
| Max execution time | 30–60 seconds | Processes backups in batches across multiple Action Scheduler runs |
| PHP workers | 1–2 | Runs backup tasks sequentially to avoid saturating workers |
| Disk space | 1–10 GB | Use remote storage and enable Delete local after upload |
| Outbound connections | Sometimes restricted | Verify your host allows HTTPS connections to your storage provider |
Recommended Settings for Shared Hosting
- Enable incremental backups — only changed files are processed, reducing memory and CPU usage
- Use remote storage — send backups to S3, Dropbox, or Google Drive instead of consuming local disk
- Enable "Delete local after upload" — under SafeGuard → Settings → Retention, toggle this on to free local disk after each backup uploads
- Schedule during off-peak hours — set backup schedules to 02:00–04:00 server time to avoid competing with site traffic
VPS and Dedicated Servers
If you manage your own server (DigitalOcean, Linode, Vultr, Hetzner, or any VPS/dedicated provider), SafeGuard runs with full compatibility and no restrictions.
Recommended Server Settings
For optimal backup performance, configure these PHP values in your php.ini or pool configuration:
memory_limit = 256M
max_execution_time = 300
upload_max_filesize = 512M
post_max_size = 512MRecommended SafeGuard Settings
- Server-side processing — leave enabled (default) for the fastest backup performance via loopback requests
- Lock database tables — enable under SafeGuard → Settings → Advanced if you need perfectly consistent database snapshots on high-traffic sites
- Compression level — use "high" for smaller backup archives when CPU resources are abundant
Cloudflare Considerations
Many WordPress sites use Cloudflare as a CDN and security layer. SafeGuard is fully compatible with Cloudflare, but there are a few things to be aware of.
Backups
Cloudflare does not interfere with SafeGuard's backup process. Backups run server-side and communicate directly with storage providers (S3, Dropbox, etc.) without passing through Cloudflare.
Migrations
When migrating to a site behind Cloudflare, the destination may not be reachable via direct connection because Cloudflare's reverse proxy can block non-standard POST requests. SafeGuard's Cloud Relay detects this automatically and routes migration data through the relay server. No manual configuration is required.
Firewall Rules
If you use Cloudflare's WAF (Web Application Firewall) or custom firewall rules, ensure the following:
- License activation — your server must be able to reach
api.safeguard.verdelic.comover HTTPS. If Cloudflare is on the server side, whitelist this domain. - REST API endpoints — SafeGuard's REST API lives under
/wp-json/safeguard/v1/. If you have aggressive WAF rules that block JSON payloads, add an exception for this path. - Migration endpoints — if migrating between two Cloudflare-protected sites, the Cloud Relay handles everything automatically. No firewall exceptions needed.
Cloudflare Caching
SafeGuard's REST API responses include appropriate no-cache headers. Cloudflare will not cache these by default. If you have a custom page rule that caches everything (Cache Everything), exclude /wp-json/safeguard/* from that rule.
Settings for Compatibility
SafeGuard includes several settings designed to work around hosting restrictions. All of these are found under SafeGuard → Settings → Advanced.
Server-Side Processing
Default: Enabled
When enabled, SafeGuard uses loopback HTTP requests to process backups in the background. This is the fastest method but requires that the server can make HTTP requests to itself.
Disable this if: Your host blocks loopback requests (WP Engine, some security plugins, or servers behind certain reverse proxies). When disabled, SafeGuard falls back to Action Scheduler for background processing.
Lock Database Tables
Default: Disabled
When enabled, SafeGuard locks database tables during export to ensure a perfectly consistent snapshot. This prevents writes during the backup window.
Enable this if: You run a high-traffic WooCommerce store or membership site where database consistency during backup is critical. On most sites, this is unnecessary.
Enabling database table locking on shared hosting can cause your site to become unresponsive during backups. Only enable this on VPS or dedicated servers with sufficient resources.
Exclusion Patterns
SafeGuard lets you exclude files and directories from backups using glob patterns. This is useful for reducing backup size and avoiding unnecessary files.
Common exclusion patterns:
/wp-content/cache/*
/wp-content/wflogs/*
/wp-content/updraft/*
/wp-content/ai1wm-backups/*
*.logAdd exclusion patterns under SafeGuard → Settings → Advanced → Exclusions.
Encryption
Default: Disabled
When enabled, SafeGuard encrypts backup archives before storing them. This adds a small performance overhead but ensures your backup data is protected at rest.
Enable this if: You store backups on shared storage, comply with data protection regulations, or want an extra layer of security for sensitive site data.
Performance Tips
Schedule backups during off-peak hours
Set your backup schedule to run during low-traffic periods (02:00–04:00 server time). This minimizes the impact on site visitors and avoids competing for PHP workers.
Use incremental backups for large sites
After your first full backup, switch to incremental backups for daily schedules. Incremental backups only process changed files, completing in a fraction of the time and using far less memory.
Split large sites with selective backups
For sites over 5 GB, consider running separate schedules — a daily database-only backup and a weekly full backup. Database backups are fast and protect your most critical data.
Offload to remote storage
Use a remote storage provider (S3, Google Drive, Dropbox) as your primary destination. Enable Delete local after upload to keep your server's disk usage low.
Exclude unnecessary files
Add cache directories, log files, and other backup plugin folders to your exclusion list. This reduces backup size and speeds up both backup and restore operations.