As identified in security reports, leaving backup files (like bk.7z , db.sql , backup.zip ) accessible in your public web directory is a security risk.
It allows you to password-protect sensitive data. Common Contents of bk.7z As identified in security reports, leaving backup files
Restrict file access so only the authorized user can read or download the backup ( chmod 600 bk.7z ). Example Workflow If you are restoring a site, follow this order: Download: Download bk.7z from the server. Extract: Extract contents locally. As identified in security reports