MokoConsulting/MokoSuiteBackup
1
0
Fork 0
Code Issues 3 Pull Requests Packages Releases 2 Wiki Activity

feat: ZIP encryption option in profile settings #121

New Issue
Closed
opened 2026-06-23 16:04:44 +00:00 by jmiller · 1 comment
jmiller commented 2026-06-23 16:04:44 +00:00
Owner
Copy Link
Copy Source

Summary

The encryption_password field already exists in the profile form and BackupEngine applies AES-256 encryption when set. Verify the field is visible and working in the current profile UI. If not visible, ensure it shows in the Archive Settings tab.

Note: AES-256 ZIP encryption requires PHP compiled with libzip 1.2.0+ and ZipArchive::EM_AES_256 constant.

Check

  • Is the encryption_password field visible in the profile form?
  • Does setting it actually encrypt the archive?
  • Is there a strength indicator like the webcron field?
## Summary The encryption_password field already exists in the profile form and BackupEngine applies AES-256 encryption when set. Verify the field is visible and working in the current profile UI. If not visible, ensure it shows in the Archive Settings tab. Note: AES-256 ZIP encryption requires PHP compiled with libzip 1.2.0+ and `ZipArchive::EM_AES_256` constant. ## Check - Is the encryption_password field visible in the profile form? - Does setting it actually encrypt the archive? - Is there a strength indicator like the webcron field?
jmiller added the component: admin label 2026-06-23 16:04:44 +00:00
jmiller commented 2026-06-23 17:58:47 +00:00
Author
Owner
Copy Link
Copy Source

Verified — the encryption_password field is already present and visible in profile.xml (Archive Settings fieldset, lines 96-101). It renders as a standard password input with no showon condition, so it always appears in the Archive Settings tab.

The encryption flow in BackupEngine::run() reads the field at line 228 and calls encryptArchive() which applies WinZip-compatible AES-256 encryption via ZipArchive::setEncryptionName() on every file in the archive. The method also validates that ZipArchive::EM_AES_256 is available (PHP 7.2+ with libzip 1.2.0+) and throws a clear error if not.

No changes needed — closing as already implemented.

Verified — the `encryption_password` field is already present and visible in `profile.xml` (Archive Settings fieldset, lines 96-101). It renders as a standard password input with no `showon` condition, so it always appears in the Archive Settings tab. The encryption flow in `BackupEngine::run()` reads the field at line 228 and calls `encryptArchive()` which applies WinZip-compatible AES-256 encryption via `ZipArchive::setEncryptionName()` on every file in the archive. The method also validates that `ZipArchive::EM_AES_256` is available (PHP 7.2+ with libzip 1.2.0+) and throws a clear error if not. No changes needed — closing as already implemented.
Sign in to join this conversation.
Labels
Clear labels
component: admin
Admin UI and views
 component: api
REST API
 component: engine
Backup/restore engine
 component: remote
Remote storage (FTP/GDrive)
 component: scheduler
Scheduled tasks
No labels component: admin
Priority Medium
Type Feature
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoSuiteBackup#121
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?