define('WPSTG_OTP_DISABLED', true);
Starting from WP Staging 5.9.4 the OTP feature is disabled as default but can be activated with the code:
define('WPSTG_OTP_ENABLED', true);
WP Staging has the ability to upload backup files directly to a WordPress website. This feature is available only to administrators and is very secure, but if you want to add another layer of protection you can activate a two factor option for extra authentication.
So, when uploading a WP Staging backup file via Backup → Upload Backups, WP Staging will email you a one-time password (OTP) verification code. This ensures that only double authorized users can upload a backup to your website, maintaining the integrity of your backup files.
This security measure can prevent arbitrary file uploads, a potential vulnerability that could be abused by authenticated users who should not have upload capabilties.
If your website cannot receive emails, for example, when it’s a development website, you can keep this feature off. However, we recommend activating OTP verification for security reasons if your website is a production site. If email delivery issues persist, uploading backup files via FTP is another alternative.
To turn on OTP verification, add the following line to your wp-config.php file:
define('WPSTG_OTP_ENABLED', true);