The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Backups

Discussion in 'Security' started by Shine Servers, Aug 14, 2013.

  1. Shine Servers

    Shine Servers Registered

    Joined:
    Jul 13, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    Howday everyone, well one of our customer has a dedicated server along with cPanel/WHM. He configured backup's in such a way that the backup files were placing at Hard Disk as well as been uploaded to an different server using FTP. Few days back, an intruder get into his server and cleared his websites and hard disk backup's. Also then removed the /home , /var and other important system directories. He succeeded in making the server corrupted.
    The most amazing thing that happened is, the intruder cleared his other server as well the FTP Backup's one.

    That server was having his backup's and many important files. So here's my question bank :

    1. How a hacker get accessed to the external server ?
    2. Do cPanel store FTP details somewhere on the server ?
    3. Are the details not encrypted ?
    4. What can be the safest backup method to make backup's at other external server using rsync or ftp.
    5. Is there anyway that we can check the system security ? That it is upto the mark.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,743
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    It's difficult to pinpoint an entry method because there are several potential methods that a hacker could have accessed a remote server (e.g. brute force). The FTP details for the remote FTP backup destination are stored in:

    Code:
    /var/cpanel/backups
    The password is encrypted. You could switch to SFTP if you would like to use a method more secure than FTP in general. You may also want to consider consulting with a system administrator/security specialist. There are several listed at:

    cPanel Application Catalog - System Admin Services

    Thank you.
     
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
  4. Shine Servers

    Shine Servers Registered

    Joined:
    Jul 13, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks for your reply. Seems SFTP or Rsync is the safest way then using Simple FTP.
     

Share This Page