All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Safe backup froms multiple destination
Hi,
So, I've been trying to do safe backup of all servers and accounts/misc on an offsite location with safety. This is what I came up with but haven't been used.
What I need to backup?
- SFTP for backup for custom sites
- SSH for JetBackup
Currently, there are few normal users on main backup servers. SFTP on another one
Now, problem is if server is compromised, hacker can retrieve password of backup dest from jetbackup which is normal ssh, it can be used to delete backups + get access to other backup users. I had added another sftp server to additionally keep all files for atleast some months and autodelete. Transferring all backups from main backup server to another is time taking or hard process as there are lot of directories in it.
cPanel default backups (which has sftp loc) eats up all cpu power. (1) Does Jetbackup has SFTP? I tried all options but none works, there's one named LFTP which returns timeout.
(2) How do you backup your cPanel servers and other files safely.
(3) Possibly suggest some reliable ways
Comments
BackupPC (http://backuppc.sourceforge.net/) is what I use. You can backup multiple servers to a backup server. The backup server logs onto your servers with ssh and transfers data with rsync.
It's easy to restore individual files or large directories. Saved my ass a number of times.
I'm not familiar with JetBackup, but if the backup clients are accessing the backup server over SSH, you could try creating multiple SSH keys, one for each backup client. On the backup server, each SSH key is only allowed (e.g., in .ssh/authorized_keys) to run backups for that one client.
I believe borg can use this setup (in the "trusted server, untrusted clients" model), and can limit clients to only append new backups, not delete old ones.
I'm in a mess of backup setup. Can someone share their backup and recovery plan for cPanel?
Hello jetchirag,
Since you are using JetBackup, the primary purpose of JetBackup is to provide recovery options in case of a disaster. In terms of security - true, if you "push" backups the backup destinations or the backups themselves could be targeted if the server root logins are compromised. The best approach in this case would be to "pull" backups from your server, so the server is not aware of the backups existence. While the current version of JetBackup does not "pull" backups, this feature is currently in development. JetBackupMC, or Management Console, will securely "pull" backups from your server.
In a security sense, the best defense for your backups would be to do your best to ensure your server is secured. This would mean setting up RSA-4096 encrypted SSH keys, storing these keys on an encrypted device, using cPanel/WHM to set up specific "Host Access Control" rules, etc.
SFTP is an option with JetBackup, simply select the SSH or Rsync (uses SSH/SFTP) backup jobs to utilize an SSH key with your backup. These backup methods also have better performance. However, regarding your issues setting up LFTP or other backup destinations, our 24 / 7 Support Team can assist you to resolve any issues you are encountering, and we'd be happy to help!
Glad to know that. Any ETA for this?
Just to clarify, we are expecting JetBackupMC, which will "pull" backups, to be released on the BETA tier within 2 months.