Akeeba Backup for WordPress

#36962 One Click Backup

Posted in ‘Akeeba Backup for WordPress’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

WordPress version
PHP version
Akeeba Backup version

Latest post by sjberry1963 on Monday, 25 April 2022 16:59 CDT


Hey Guys!

I love backups! I backup 2-3 times every day when I'm working on a site, and before I start working on one. I'm compulsive about it. It's saved my ass a number of times, and it's because of this specific plugin. I've used you guys for a really long time and you've always done me right. Thank you!

Here's my situation, albeit a rather small thing, it's important in terms of convenience. No huge deal here.

I want a one-click button on the admin console of my site(s) - red button "Backup Now!"

Actually I have one, booth on all of my Joomla sites, and now on the new WordPress sites I'm building.


On Joomla, all I had to do was link to the profile and viola! It works!

Not so much on WordPress.

I get an Application Error (500)

I can go to the buttons on the Backup Interface and everything works perfectly, but there's something different about the link I need to put in that button.


Thanks for your help!


Akeeba Staff

You can't actually create an one-click backup icon on WordPress. Not to get in too much technical detail, WordPress does not have an application-wide session management which means that anti-CSRF tokens and other security measures we can use anytime in Joomla will only work inside Akeeba Backup for WordPress. That's why the one-click backup icon needs to be generated inside the Akeeba Backup for WordPress plugin.

You can always link to the generic backup page (/wp-admin/admin.php?page=akeebabackupwp%2Fakeebabackupwp.php&view=backup) and let users select the backup profile they want to use. This link WILL work since without a backup profile ID in the URL there's no need to check the anti-CSRF token.

Akeeba Backup for Joomla used to be the same, checking for the anti-CSRF token if a profile= query string parameter was present in the URL, but we had to remote it to make custom admin menu items possible. We are using a different approach in Joomla, only checking the anti-CSRF token when autostart=1 is defined in the URL. It's less safe but we had to regrettably do that for custom Joomla admin menu items to be possible.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


Thank you very much for the explanation. It's not that big a deal.

Support Information

Working hours: Typically we work Monday to Friday, 9am to 7pm Cyprus timezone (EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets, but we cannot respond to them, outside of our working hours.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!

Summer vacations: Our support will be closed for replies and new tickets from August 6th to August 21st, 2022 due to summer vacations.