There appears to be an unauthorized attempt from this site to access your database located at

Question

I am trying to build custom WORDPRESS backup solution that I will use it.

The file will be in wp-content.

The file is named backup.php

When I try to access the database by calling http://myblog/wp-content/backup.php I get the following error:

There appears to be an unauthorized attempt from this site to access your database located at http://myblog.com . The attempt has been halted.

The PHP file:

include ('../wp-config.php');

$con = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

mysql_query('use ' . DB_NAME, $con);

$username = 'admin';
$password = 'password';

$r = mysql_query("SELECT id FROM " . $table_prefix . "users WHERE user_login = '" .    $username . "' AND user_pass = md5('" . $password . "')", $con);

if (mysql_num_rows($r) > 0) {
    //code for backup here
}

Answer 1

When you create a MySQL user account, it's possible to specify the server(s) from which that account may be used to connect.

There's definitely the options of 'localhost' or '%' (i.e. any host). It may also be possible to specify a named host as well / instead.

It may be that 'localhost' is the default if you don't specify one (depending on how you set up the user account), and if the DB is on a different host / domain to your Wordpress site then that may be the cause of the issue.

Either way, it's worth checking that the DB user account you're using to connect (DB_USER, DB_PASSWORD etc.) has permission to connect from the host / domain holding your Wordpress site.

I've had a quick look to see where this is under phpMyAdmin, but the one I have access to right now is a shared hosting one that doesn't seem to let me see the permissions tables. There's usually a 'Priveliges' link on the phpMyAdmin home page - follow that (and use the documentation if necessary) and that should get you there.