When uploading a WP Staging backup file via Backup → Upload Backups, WP Staging will email you a one-time password (OTP) verification code. This ensures that only authorized users can upload a backup to your website, maintaining the integrity of your backup files.
This security measure helps prevent arbitrary file uploads, a potential vulnerability that could be abused by authenticated users.
If your website cannot receive emails, for example, when it’s a development website, you can temporarily turn off this two-factor authentication option. However, we recommend keeping OTP verification enabled for security reasons. If email delivery issues persist, uploading backup files via FTP is another alternative.
To turn off OTP verification temporarily, add the following line to your wp-config.php file:
define('WPSTG_OTP_DISABLED', true);After uploading the backup, please remove or comment this line.