Automates secure file uploads and downloads via SFTP.
This plugin allows you to securely upload files from your WordPress site to a remote server using SFTP (Secure File Transfer Protocol). It's designed to be easy to install, configure, and use—even if you're new to WordPress or SFTP.
- Features
- Prerequisites
- Installation
- Configuration
- Usage
- Security Best Practices
- Troubleshooting
- Frequently Asked Questions
- Support
- Contributing
- License
- Secure File Uploads: Upload files securely to a remote server via SFTP.
- User-Friendly Interface: Simple upload form that integrates seamlessly with your WordPress site.
- Access Control: Restrict file uploads to logged-in users with specific roles or permissions.
- Customizable: Easily modify settings to suit your needs.
Before you begin, ensure you have the following:
- WordPress: Version 5.0 or higher.
- PHP: Version 7.4 or higher.
- Composer: For managing PHP dependencies.
- SFTP Server Credentials: Hostname, username, password (or SSH key), and remote path.
- phpseclib Library: A PHP library for secure communications (installed via Composer).
Follow these simple steps to install the SFTP Wordpress Plugin.
You can download the plugin from the GitHub repository.
-
Click the green Code button and select Download ZIP.
-
Alternatively, clone the repository using Git:
git clone https://github.com/adriancamaj/SFTP-Wordpress-Plugin.git
Since the plugin uses external libraries, you'll need to install them using Composer.
-
Navigate to the plugin directory:
cd SFTP-Wordpress-Plugin -
Run the following command to install dependencies:
composer install
Note
If you don't have Composer installed on your server, you may need to install it or run this command locally and upload the directory to your server.
- Log in to your WordPress admin dashboard.
- Navigate to Plugins > Add New.
- Click on Upload Plugin.
- Choose the downloaded ZIP file (
SFTP-Wordpress-Plugin.zip) and click Install Now.
- After installation, click Activate Plugin.
- The plugin is now active on your WordPress site.
Configure the plugin to connect to your SFTP server.
In the plugin directory (SFTP-Wordpress-Plugin), create a file named .env and add your SFTP credentials:
SFTP_HOST=your_sftp_host
SFTP_USER=your_username
SFTP_PASS=your_password
SFTP_REMOTE_PATH=/remote/path/
- Replace the placeholder values with your actual SFTP server details.
Warning
Do not include quotes around the values.
To prevent sensitive information from being exposed:
- Add
.envto your.gitignorefile if you're using version control.
Important
Ensure proper file permissions are set so that unauthorized users cannot access the file.
Start using the plugin to upload files securely.
- Create or edit a page or post where you want the upload form to appear.
- Add the shortcode
[sftp_upload_form]to the content area.[sftp_upload_form] - Publish or update the page or post.
- Visit the page or post where you added the upload form.
- You should see a file upload field and an Upload button.
- Choose a file from your computer and click Upload.
- Upon successful upload, a confirmation message will appear.
Keep your site and data secure by following these guidelines.
- Configure your SFTP server to use SSH key authentication.
- Update the plugin to use your SSH private key for authentication.
use phpseclib3\Crypt\PublicKeyLoader; $key = PublicKeyLoader::loadPrivateKey('path/to/private/key'); if (!$sftp->login($_ENV['SFTP_USER'], $key)) { echo 'SFTP Login Failed'; return; } - Update your
.envfile:SFTP_PRIVATE_KEY_PATH=/path/to/private/key
- Ensure that only trusted users have access to the upload form.
- The plugin checks if a user is logged in and has the capability
upload_files.
- Modify the allowed file types to prevent uploading potentially harmful files.
- Adjust the
$upload_overrides arrayin the plugin code:$upload_overrides = array( 'test_form' => false, 'mimes' => array( 'jpg|jpeg|jpe' => 'image/jpeg', 'png' => 'image/png', 'pdf' => 'application/pdf', ), );
- Regularly update WordPress, plugins, and dependencies to the latest versions.
Having issues? Here's how to resolve common problems.
- Cause: Incorrect SFTP credentials or server is unreachable.
- Solution: Verify your SFTP host, username, password (or SSH key), and network connectivity.
- Cause: File exceeds maximum upload size or disallowed file type.
- Solution: Increase the upload size limit in
php.iniand ensure the file type is allowed.
- Cause: directory is missing.
- Solution: Run
composer installin the plugin directory.
- Cause: Insufficient permissions on the SFTP server.
- Solution: Ensure the SFTP user has write permissions to the remote directory.
Yes! You can modify the HTML form in the SFTP-Wordpress-Plugin.php file to suit your needs.
For better security, it's recommended to use environment variables as shown in the configuration steps.
Yes, you can configure the plugin to use SSH keys instead of passwords.
Need assistance? We're here to help!
- GitHub Issues: Submit an issue on GitHub.
- Email: Contact us at sharkware.io
- Documentation: Refer to this guide
We welcome contributions from the community!
- Fork the Repository: Click the Fork button on GitHub.
- Create a Branch:
git checkout -b feature/YourFeature - Commit Your Changes:
git commit -m 'Add Your Feature' - Push to the Branch:
git push origin feature/YourFeature - Open a Pull Request: Submit your pull request on GitHub.
This plugin is licensed under the GPL-3.0 License.
If you find this plugin helpful, please consider giving it a ⭐ on GitHub. Your support is appreciated!