All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
FTP server on home PC or should i rent some particular FTP service?
Hello,
third party web server needs FTP credentials so it can transfer out backup (20GB daily where i would like to retain like 3 daily backups, 12 monthly backups, 2 yearly backups. I think for start 100 GB space would be OK.
I am thinking if i should utilize my already running home computer as a FTP server, it is running anyway with enough disk space. The data would go to my VPN server first, where i would try to forward the port through the tunnel where on home PC i would iptables ACCEPT that port connections if the connecting IP is web server. Then i would have to solve the FTP server setup. I know this proftpd tutorial that i already used, but that package is not available on Arch Linux in default repo, i would have to use user contributed repo or use package bftpd which i do not know. There some security checklist for ftp server admins.
What would you try, do you know any tutori@l for this purpose?
Another options that comes to my mind is to buy VPS for the purpose, or some specialized FTP service - i guess various cloud drives has it. But the problem of some cloud service without shell/scripting support may be retention of only 3 daily backups, 12 monthly backups... Thank You
Comments
Why not simply get a storage VPS and set up your own FTP server for backups?
Alternatively, you could get a backup account at https://securedragon.net/ , which would save you from having to maintain a VPS.
Yet another inexpensive option would be https://1fichier.com/ .
If the pc is already running nonstop, it should be used.
I am using my ETH laptops at home for many other tasks, but I have 1 gbps unlimited connection so that is not a limiting factor.
Port forwarding will solve the issue. Most plastic routers can do that, but FTP is a bit tricky about it, use something else like SFTP or webdav, or iSCSI.
If you'll be using this for backups, you will want a minimum of two copies of the data stored in different locations. The number of backups you have is the number of copies you have saved minus one (n-1). So, you could get hosted space from some reliable service provider and also have the files from there copy to your local computer.
These will help you determine the best course of action:
1. How important is your data? Will you/your business be devastated if it is lost?
2. What is your budget?
3. How secure does your data need to be? Is the backup encrypted? Does it need to be, either at rest and/or while being transferred? Is this for legal reasons or personal preference? Various industries require different levels of data encryption as a minimum. Note that data transferred by FTP is not secured in transit.
4. Does the 3rd party web server only allow you to transfer backups to an FTP destination or are there options/addons that allow you to also backup to something like SFTP and cloud destinations?
Nope, from the way the question is formulated, i.e. accessing home computer from outside, this probably means it IS a different location. Why would anyone do a VPN, forward ports, etc. otherwise?
I don't think I understand what you're trying to say. Yes, their home computer is in a different location from their production server. But, I wouldn't consider a backup file on the production server to really be a backup. If that server is compromised or dies, they have nothing.
As you know from your extensive experience in the industry, more redundancy is better when it comes to client backups. If they're considering a 3rd party server for storing their backup, it suggests they have some budget for it. In that case, why would we not encourage OP to store a copy of their backup there (presumably with some RAID and possibly some additional provider-based backup, depending on the provider) as well as on their home computer, since latter would essentially have no marginal cost (it's already running and they have ample free space)?
I go for the rule of 3, 3 backups at 3 different places in 3 different moments.
This makes no sense.
Of course they have, they have the backup on the home computer which is at another location.
Also, a back-up on a production server can be a backup in some conditions, for example a different disk only for that purpose. In most situations that would cover the need, but for the other needs, say a fire in the DC superbad luck case in which all drives and volumes are destroyed or similar, the providers goes bankrupt and servers are seized, etc.
You should first stop using the FTP protocol because it is complete insecure. You're sending your passwords around the Internet as plain text. Probably everyone on the Internet has your login credentials by now. And everything you sent over FTP because that's sent unencrypted, too.
Seriously, every time you open an FTP connection, a kitten dies. Stop using it.
Use SFTP or SCP and let FTP die. In fact, it's already dead, so stop engaging in protocol necrophilia.
If you are completely in love with the FTP commands for some strange reason, SFTP is a drop-in replacement. But you may find SCP easier.
Oracle cloud has a free option(200gb storage), back'up to oracle then download to home PC(and like 3 other locations). xD
Edit: forgot to include link, oracle.com/cloud/free
Buy Synology || Qnap and be done with that question.
OP here,
i am unable to find out if it support FTP (when i talk about FTP, i mean secure form of FTP) and if i can easily make it store backups the way i have mentioned (3 daily, 12 monthly, 2 yearly), not all daily. Note that i am regular user so i can not code non-bash scripts etc.
I tend not to do this in order to save money, noise, and eco footprint when comparing to already running computer or a VPS.
not an option since my hosting provider control panel (DirectAdmin) supports only FTP with a "Secure FTP" tickbox - i hope that is something acceptable regarding what @raindog308 suggested. Mine linked article in first post says "The first thing you should do is disable any older, outdated ciphers like Blowfish and DES, and only use stronger ciphers like AES or TDES." and "disable older hash/MAC algorithms like MD5 or SHA-1 and stick with strong algorithms in the SHA-2 family." though i have not yet found if mentioned bftpd allows to configure it. proftpd is in user contributed repo, not in main repo like bftpd is.
click "Backup account". Seems very good, like i should go this way instead of utilizing my disks and limited internet connectivity (even at night), they mention FTP("s" obviously)+SSH, so i can likely setup cron to process my backups for needed retention.
Interesting, their price/value seems to be almost too good to be the truth. They mention FTP, yet i think again there would be problem with the retention, like i want to keep only like 3 daily backups, 12 monthly, 2 yearly. Not 100 daily backups..
their ftp is upload only. you can't download via FTP and you don't see previously uploaded files, so no ftp sync
For this, I would just plug in a External HD., WD My Passport Portable are cheap now.
It is, but SFTP is way better, with a key. It can be done from bash, but I am not sure if you will manage to code resumes or restart on error if you are not good with it.
There can also be rsync options. This article can get you started.
“FTP with a secure option” might mean FTPS not SFTP, which are quite different. FTPS is to FTP what HTTPS is to HTTP - the data is encrypted but the protocol within the encrypted stream(s) is the same. SFTP is a different protocol run through SSH, and is better in several respects (essentially the advantages of SSH including, better authentication options, easier firewall management/traversal, and so on).
One extra thing I'd add to “Disadvantages of rsync / hard link backups” is that if one copy of the file gets corrupt (bad transfer, bad sectors on disk, etc.) all the identical “copies” of that file are affected. You should still have a second backup copy somewhere. Not that this makes rsync & hard-links unsuitable (it is what I use for most of my backups) but it is something to stay aware of with that and similar methods/tools.
Why are you telling me this :P
I prefer FTPS (either FTPS or FTPES) for my daily backups because it is simpler, all traffic is encrypted AFAIK.
You responded to "FTP with a secure option" with a mention of SFTP so I assumed you were making the (not uncommon) mistake of thinking FTPS and SFTP are the same thing. If you weren't, others reading the thread might so the extra clarity could help them.
I mentioned a key, so I think it was obvious. I mean, on this forum where are people that know these things
If a daily backup is 20GB, 100GB space would not be able to contain those backups.
I do not know if you use some kind of deduplication, but since you do the backup over FTP I doubt it.
Exactly. You are talking about SFTP with key based auth. DirectAdmin as described by the OP supports FTP or FTPS, not SFTP, so I'd suggest making it obvious that you are talking about a different method (unless DA does directly support SFTP for backups these days?).
Where people should know these things!
(though in fairness beginners are unlikely to, hence I think we should be explicitly clear when talking about easily confused things like FTPS and SFTP)
Annoying i am unable to update my initial post. What i wanted to add to my last paragraph is:
Even if storage service does not support SSH, one can manage the storage using SSH by mounting remote FTP storage using special tools to ones Linux workstation