The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cron to automate full cpanel backup to SCP

Discussion in 'cPanel Developers' started by Kesava, Jan 21, 2012.

  1. Kesava

    Kesava Registered

    Joined:
    Jan 21, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    I have been messing around with a script trying to successfully run automatic full cpanel backups to my backup server via SCP.

    Following is the script I'm using, which the Linux Administrator at HostGator had a look at and says everything seems to be there, but says that there is an error that reads: "Sorry, all fields are required when using FTP or scp."

    This is the code, it could be an issue with $ftpport, perhaps it is supposed to be $port. Or the remote directory as I've seen a few variants:

    PHP:
    <?php
     
    // PHP script to allow periodic cPanel backups automatically.
     
    // Permissions on this file should be 600 
     
    // Place outside your public_html 
     
    // Crontab:  30 3 * * * /usr/local/bin/php /home/username/cpanel_backup.php
     
    // ********* Configuration *********
     
    // Info required for cPanel access
     
    $cpuser "user"// Username used to login to CPanel
     
    $cppass "pass"// Password used to login to CPanel
     
    $domain "gatorXXXX.hostgator.com"// Domain name where CPanel is run
     
    $skin "x3"// Set to cPanel skin you use (script won't work if it doesn't match)
     
    // Info required for SCP host
     
    $ftpuser "user"// Username for SCP account
     
    $ftppass "pass"// Password for SCP account
     
    $ftphost "user.server.com"// Full hostname or IP address for SCP host
     
    $ftpmode "scp"// FTP mode ("ftp" for active, "passiveftp" for passive, "scp" for scp)

    $ftpport "22";

    $ftprdir "/server/user/home";
     
    // make sure this folder exists on the destination host
     
    // Notification information
     
    $notifyemail "user@gmail.com"// Email address to send results
     
    // Secure or non-secure mode
     
    $secure 1// Set to 1 for SSL (requires SSL support), otherwise will use standard HTTP
     
    // Set to 1 to have web page result appear in your cron log
     
    $debug 1;
     
    // *********** Don't Touch!! *********
     
    if ($secure) {
     
       
    $url "ssl://".$domain;
     
       
    $port 2083;
     
    } else {
     
       
    $url $domain;
     
       
    $port 2082;
     
    }
     
    $socket fsockopen($url,$port);
     
    if (!
    $socket) { echo "Failed to open socket connection... Bailing out!\n"; exit; }
     
    // Encode authentication string
     
    $authstr $cpuser.":".$cppass;
     
    $pass base64_encode($authstr);
     
    $params "dest=$ftpmode&rdir=$ftprdir&email=$notifyemail&server=$ftphost&port=$ftpport&user=$ftpuser&pass=$ftppass&submit=Generate Backup";
     
    // Make POST to cPanel
     
    fputs($socket,"POST /frontend/".$skin."/backup/dofullbackup.html?".$params." HTTP/1.0\r\n");
     
    fputs($socket,"Host: $domain\r\n");
     
    fputs($socket,"Authorization: Basic $pass\r\n");
     
    fputs($socket,"Connection: Close\r\n");
     
    fputs($socket,"\r\n");
     
    // Grab response even if we don't do anything with it.
     
    while (!feof($socket)) {
     
      
    $response fgets($socket,4096);
     
      if (
    $debug) echo $response;
     
    }
     
    fclose($socket);
     
    ?>
    Any help would be appreciated, I've been trying anything I can think of, but have been unsuccessful.

    Thanks
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    There's some major things that can be improved with that script.

    First: it doesn't use the APIs. This means if someone uses contemporary functionality of cPanel&WHM such as CSRF protection, your script breaks. Using APIs avoids this problem.

    Second: Passing passwords in plain text around the internet for everyone to see. Using the APIs well would avoid this.

    Third: Relying on the functionality of so-called landing pages is not a good idea, especially as we move towards more AJAX usage in the software.



    I would advise familiarizing yourself with the APIs - mainly because they're much more reliable, tend to work better and will be more likely to work regardless of how cPanel&WHM is configured. The API call made on that page is an API1 call:

    Module: Fileman
    Function: fullbackup

    Parameters in sequential order: dest, server, user, pass, email, port, rdir (these correspond with the input field names and values on the Download or Generate Full Backup page).

    As far as how to call this API1 function, we have a sample PHP class you can use which includes examples. You can view or download it via: https://github.com/CpanelInc/xmlapi-php - Just if you only have a cPanel account and not a reseller account, connect to port 2083 rather than 2087 - and use password authentication since you do not have a remote access key unless you have a reseller account.
     
Loading...

Share This Page