{"id":255478,"date":"2025-10-20T05:32:52","date_gmt":"2025-10-20T05:32:52","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/bervice-secure-db-bridge\/"},"modified":"2025-10-20T05:30:07","modified_gmt":"2025-10-20T05:30:07","slug":"secure-db-bridge-for-bervice","status":"publish","type":"plugin","link":"https:\/\/lmo.wordpress.org\/plugins\/secure-db-bridge-for-bervice\/","author":23374800,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.1.2","stable_tag":"1.1.2","tested":"6.8.5","requires":"6.0","requires_php":"8.0","requires_plugins":null,"header_name":"Secure DB Bridge For Bervice","header_author":"Bervice","header_description":"Secure external bridge to export encrypted DB backups.","assets_banners_color":"35221c","last_updated":"2025-10-20 05:30:07","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/bervice.com","header_author_uri":"","rating":5,"author_block_rating":0,"active_installs":0,"downloads":167,"num_ratings":1,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.1.2":{"tag":"1.1.2","author":"bervice","date":"2025-10-20 05:30:07"}},"upgrade_notice":[],"ratings":{"1":0,"2":0,"3":0,"4":0,"5":1},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3381045,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3381045,"resolution":"256x256","location":"assets","locale":""},"icon.svg":{"filename":"icon.svg","revision":3381045,"resolution":false,"location":"assets","locale":false}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3381045,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3381045,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.1.2"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3381045,"resolution":"1","location":"assets","locale":""}},"screenshots":{"1":"Plugin settings page, where you can securely connect your WordPress site to Bervice."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[151,17224,153,12167,600],"plugin_category":[54,59],"plugin_contributors":[249445],"plugin_business_model":[],"class_list":["post-255478","plugin","type-plugin","status-publish","hentry","plugin_tags-backup","plugin_tags-blockchain","plugin_tags-database","plugin_tags-encryption","plugin_tags-security","plugin_category-security-and-spam-protection","plugin_category-utilities-and-tools","plugin_contributors-bervice","plugin_committers-bervice"],"banners":{"banner":"https:\/\/ps.w.org\/secure-db-bridge-for-bervice\/assets\/banner-772x250.png?rev=3381045","banner_2x":"https:\/\/ps.w.org\/secure-db-bridge-for-bervice\/assets\/banner-1544x500.png?rev=3381045","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":"https:\/\/ps.w.org\/secure-db-bridge-for-bervice\/assets\/icon.svg?rev=3381045","icon":"https:\/\/ps.w.org\/secure-db-bridge-for-bervice\/assets\/icon.svg?rev=3381045","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/secure-db-bridge-for-bervice\/assets\/screenshot-1.png?rev=3381045","caption":"Plugin settings page, where you can securely connect your WordPress site to Bervice."}],"raw_content":"<!--section=description-->\n<p><strong>Secure DB Bridge for Bervice<\/strong> is a secure and lightweight bridge plugin that allows your WordPress website to connect directly to the <strong>Bervice<\/strong> decentralized infrastructure.<br \/>\nBervice is a blockchain-based and quantum-encryption-ready platform focused on <strong>data security, privacy<\/strong>, and <strong>long-term information preservation<\/strong>.<\/p>\n\n<p>By installing this plugin on your website, you can:\n- Establish a <strong>secure, encrypted connection<\/strong> between your WordPress site and Bervice.\n- Allow Bervice to <strong>back up critical data<\/strong> safely without exposing your credentials or server.\n- Strengthen your site\u2019s <strong>resilience against data loss<\/strong> and central-point failures.\n- Integrate seamlessly with your existing CMS environment.<\/p>\n\n<p>This plugin acts as one of the <strong>core gateway services<\/strong> in the Bervice ecosystem.<br \/>\nIt\u2019s specifically designed to help WordPress site owners keep their data protected through decentralized and quantum-secure backup mechanisms.<\/p>\n\n<p>For more details and full documentation, visit <a href=\"https:\/\/bervice.com\">https:\/\/bervice.com<\/a>.<\/p>\n\n<!--section=installation-->\n<ol>\n<li><p><strong>Install the plugin<\/strong> either by:<\/p>\n\n<ul>\n<li>Uploading the plugin folder to <code>\/wp-content\/plugins\/secure-db-bridge-for-bervice<\/code>, <strong>or<\/strong><\/li>\n<li>Searching for <strong>\u201cSecure DB Bridge for Bervice\u201d<\/strong> in the WordPress plugin directory and clicking <em>Install Now<\/em>.<\/li>\n<\/ul><\/li>\n<li><p><strong>Activate the plugin<\/strong> from the <em>Plugins<\/em> menu in your WordPress Dashboard.<\/p><\/li>\n<li><p>After activation, click on the <strong>\u201cBridge for Bervice\u201d<\/strong> menu item in the dashboard to open the plugin settings page.<\/p><\/li>\n<li><p>Open your <strong>Bervice<\/strong> desktop application and go to the <strong>Database Solution<\/strong> section.<\/p><\/li>\n<li><p>Copy the generated:<\/p>\n\n<ul>\n<li><code>Key ID<\/code>  <\/li>\n<li><code>Shared Secret (Base64)<\/code><\/li>\n<\/ul>\n\n<p>and paste them into the corresponding fields in the WordPress plugin settings.<\/p><\/li>\n<li><p>In the <strong>IP Allowlist<\/strong> field, enter the public IP address of your server or system.<\/p><\/li>\n<li><p>Click <strong>Save Changes<\/strong> \u2014 your site is now securely connected to Bervice, and you can start decentralized backup operations through the Bervice application.<\/p><\/li>\n<li><p>For more details and full documentation, visit <a href=\"https:\/\/bervice.com\">https:\/\/bervice.com<\/a>.<\/p><\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id='does%20the%20plugin%20work%20on%20its%20own%3F'><h3>Does the plugin work on its own?<\/h3><\/dt>\n<dd><p>No. This plugin acts as a <strong>bridge<\/strong> between your WordPress website and the <strong>Bervice<\/strong> platform. It doesn\u2019t provide backup or security functions by itself \u2014 it securely connects your infrastructure to Bervice.<\/p><\/dd>\n<dt id='does%20this%20plugin%20back%20up%20the%20database%3F'><h3>Does this plugin back up the database?<\/h3><\/dt>\n<dd><p>The plugin itself does not perform backups directly. However, once connected, the <strong>Bervice software<\/strong> can securely and cryptographically back up your data through this bridge.<\/p><\/dd>\n<dt id='can%20i%20disconnect%20the%20bridge%20whenever%20i%20want%3F'><h3>Can I disconnect the bridge whenever I want?<\/h3><\/dt>\n<dd><p>Yes. You can disable or remove the connection at any time.<\/p><\/dd>\n<dt id='can%20anyone%20connect%20to%20my%20website%20through%20this%20plugin%3F'><h3>Can anyone connect to my website through this plugin?<\/h3><\/dt>\n<dd><p>No. The system is protected by your <strong>IP Allowlist<\/strong> and security keys. Only the IPs and credentials that you explicitly authorize can establish a connection.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.1.2 - 2025-10-11<\/h4>\n\n<ul>\n<li>Security: Complete rewrite of REST authentication \u2014 HMAC signature, timestamp, nonce, IP allowlist and rate-limiting are now validated in the permission callback so signed external requests work correctly without relying on WP login checks.<\/li>\n<li>Security: Nonce storage hardened \u2014 transient keys are SHA-256 hashed to prevent unsafe transient names and improve replay protection.<\/li>\n<li>Security: Signature verification tightened (secure compare) and base64 secret validation added; invalid secrets return clear errors.<\/li>\n<li>Security: IP allowlist behaviour clarified \u2014 an empty IP Allowlist now means \"no IP restriction\" (admin is warned in the settings UI). Administrators may still configure strict allowlists.<\/li>\n<li>Performance: Streaming encryption and delivery implemented \u2014 where available the openssl CLI is used for streaming AES-256-GCM encryption; otherwise a safe in-memory fallback is used with a configurable threshold.<\/li>\n<li>Performance: Encrypted backups are streamed to the client using fpassthru\/readfile (no full-file file_get_contents()), reducing PHP memory usage and preventing OOM on large dumps.<\/li>\n<li>Reliability: Exporter::encryptFile() HKDF\/key handling improved; IV is returned Base64; improved error messages and guaranteed cleanup (gzclose + file removal).<\/li>\n<li>Robustness: Dump generation hardened \u2014 additional guards around SHOW CREATE TABLE \/ SHOW COLUMNS and explicit -- WARN: notes when metadata is missing.<\/li>\n<li>Admin: Settings page now warns when secret or ip_allow are empty and explains the security implications.<\/li>\n<li>Dev: PHPCS annotations, type hints and logging reviewed; sensitive values are not leaked in logs.<\/li>\n<li>Upgrade Notice: External clients must adopt the new signed request scheme and send these headers: X-BBridge-KeyId, X-BBridge-Timestamp, X-BBridge-Nonce, X-BBridge-Signature. Ensure a valid Base64 secret (&gt;= 32 raw bytes) is set in plugin settings after update. Test on staging before rolling out to production.<\/li>\n<\/ul>\n\n<h4>1.1.1 - 2025-10-04<\/h4>\n\n<ul>\n<li>Fix: Resolved PHP parse error in <code>Exporter.php<\/code> (misplaced braces around the pagination block) that triggered \u201cunexpected identifier 'gzwrite', expecting 'function'\u201d.<\/li>\n<li>Fix: Implemented a proper pagination loop (<code>while (true)<\/code> with LIMIT\/OFFSET) and balanced braces; avoids premature function termination.<\/li>\n<li>Hardening: Safer table handling \u2014 string-cast names, strict whitelist against <code>SHOW TABLES<\/code>, and backtick-quoting via <code>backtick()<\/code>.<\/li>\n<li>Robustness: Additional guards for <code>SHOW CREATE TABLE<\/code> \/ <code>SHOW COLUMNS<\/code>; writes explicit WARN comments into the dump when metadata is missing.<\/li>\n<li>Reliability: Ensured <code>COMMIT<\/code> and <code>gzclose()<\/code> always execute; retained size sanity check for output <code>.sql.gz<\/code>.<\/li>\n<li>New: Admin menu page (\u201cDB Bridge\u201d) with icon support (<code>assets\/admin-icon.svg<\/code> or Dashicons fallback).<\/li>\n<li>Security: Tightened uploads tmp directory \u2014 creates <code>index.html<\/code> and Apache 2.4 <code>.htaccess<\/code> with <code>Require all denied<\/code> for both <code>\/bervice-db-bridge\/<\/code> and <code>\/tmp\/<\/code>. (Note: Nginx users must restrict via server config.)<\/li>\n<li>Dev: PHPCS annotations trimmed\/clarified; namespace\/type hints refined; no breaking changes to REST endpoints or settings.<\/li>\n<\/ul>\n\n<h4>1.1.0 - 2025-10-03<\/h4>\n\n<ul>\n<li>Refactored database dump logic in <code>Exporter.php<\/code>:<\/li>\n<\/ul>\n\n<h4>1.0.9 - 2025-10-02<\/h4>\n\n<ul>\n<li><code>$safeTable<\/code> comes from a trusted whitelist and cannot be placeholder-bound.<\/li>\n<li>Direct DB queries are required to produce SQL dumps.<\/li>\n<li>Caching is skipped intentionally to ensure real-time backup accuracy.<\/li>\n<\/ul>\n\n<h4>1.0.8 - 2025-10-01<\/h4>\n\n<ul>\n<li>Added whitelist check for table names to ensure only those returned by <code>SHOW TABLES<\/code> are processed.<\/li>\n<li>Escaped table identifiers using <code>backtick()<\/code> for improved SQL safety.<\/li>\n<li>Documented and justified usage of interpolated table names with <code>phpcs:ignore<\/code> inline comments (placeholders cannot be used for identifiers).<\/li>\n<li>Improved inline comments for WordPress.org code review clarity.<\/li>\n<li>Minor code clean-up and consistency improvements.<\/li>\n<\/ul>\n\n<h4>1.0.7 - 2025-09-28<\/h4>\n\n<ul>\n<li>Resolved remaining PHPCS\/WPCS warnings in <code>Exporter.php<\/code>.<\/li>\n<li>Added explicit <code>phpcs:ignore<\/code> annotations for unavoidable direct database queries (<code>SHOW TABLES<\/code>, <code>SHOW CREATE TABLE<\/code>, <code>SHOW COLUMNS<\/code>).<\/li>\n<li>Documented safe usage of interpolated table names where placeholders are not possible in MySQL.<\/li>\n<li>Final compliance alignment for WordPress Plugin Directory review.<\/li>\n<\/ul>\n\n<h4>1.0.6 - 2025-09-26<\/h4>\n\n<ul>\n<li>Fixed final PHPCS\/WPCS issues flagged by WordPress.org Plugin Check.<\/li>\n<li>Escaping enforcement: added <code>\/\/ phpcs:ignore<\/code> where binary output or MySQL limitations apply.<\/li>\n<li>Updated Exporter with explicit ignore rules for SHOW CREATE\/SHOW COLUMNS queries.<\/li>\n<li>Improved uninstall cleanup routine for safer transient removal.<\/li>\n<li>Codebase fully aligned with WordPress Plugin Directory requirements.<\/li>\n<\/ul>\n\n<h4>1.0.5 - 2025-09-20<\/h4>\n\n<ul>\n<li>Fixed mismatched text domain warnings (<code>secure-db-bridge-for-bervice<\/code>).<\/li>\n<li>Escaped all dynamic outputs for improved security.<\/li>\n<li>Replaced <code>unlink()<\/code> and <code>readfile()<\/code> with WordPress-safe alternatives.<\/li>\n<li>Improved handling of client IP sanitization.<\/li>\n<li>Updated uninstall routine with safer option\/transient cleanup.<\/li>\n<li>General code cleanup for PHPCS\/WPCS compliance.<\/li>\n<\/ul>\n\n<h4>1.0.4 - 2025-09-16<\/h4>\n\n<ul>\n<li>Added \/languages directory to fix Domain Path warning.<\/li>\n<\/ul>\n\n<h4>1.0.3 - 2025-09-15<\/h4>\n\n<ul>\n<li>Initial stable release.<\/li>\n<\/ul>","raw_excerpt":"Secure external bridge to export encrypted DB backups.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/255478","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=255478"}],"author":[{"embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/bervice"}],"wp:attachment":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=255478"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=255478"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=255478"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=255478"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=255478"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=255478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}