The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

have to backup clients sites

Discussion in 'Data Protection' started by apac, Sep 8, 2008.

  1. apac

    apac Member

    Joined:
    Sep 8, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    My wholesaler has told me 2 accounts are being hacked and used to send mass emails.

    I need to know if whole site backup will save absolutely everything the clients have created and also their email accounts or will I have to generate each one manually again?

    I notice it says it cannot be restored using cpanel so how do you retsore it?

    Are there and better options for me using WHM?

    Sorry for the post, I did search and read the instructions, but being the first time and clients sites that are affected I just want to get it right.

    Also my host has only allowed a 6 hour time to do the backup before terminating the accounts so I need to get this right the first time.

    Regards,

    Bill
     
  2. apac

    apac Member

    Joined:
    Sep 8, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    No backup in WHM

    I host websites for clients and buy my hosting through a 3rd party.

    I need to do a full backup of 2 sites as they are having trouble with allegedly mass emails sent via their accounts.

    My provider says backup in 24 hours and they will terminate the accounts and recreate them then I can upload the backups.

    The one problem I have apart from never having done it is that my WHM has no backup section or icon, so how am I supposed to restore a full backup?
     
  3. trochia

    trochia Member

    Joined:
    Aug 26, 2008
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Main > Account Information > List Accounts = BINGO!!

    ?? See the cPanel Icon?:D
     
  4. apac

    apac Member

    Joined:
    Sep 8, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    I assume you mean the cpanel icon next to each account?

    In which case it takes me to the users Cpanel which does not appear to allow me to restore a full backup, only create one or do partial backups???

    Does anyone know if the 4 partial backups. ie

    - Home
    - MySQL database
    - Email Forwarders
    - Email Filters

    Do exactly the same as a full backup or not?

    If not can anyone see the obvious mistake I am making in not being able to find out how to actually restore a full backup and one article I read appears to Inidicate that you should be able to do a full backup from WHM and it will recreate the entire account as well as the website?

    Any help much appreaciated
     
  5. apac

    apac Member

    Joined:
    Sep 8, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    no backup in WHM

    This was a response from our provider???


    Now What???


    The WHM documentation you are referring to is probably for a root WHM and that means it is for a dedicated server. A WHM backup utility is only found dedicated (root) WHM\'s and not on reseller WHM panels.

    The accounts are compromised and are abused to send excessive email. You can do a backup via the cpanel ---> backup. If you do a complete backup and then restore exact same account back on the system again, that is just going to bring the compromised accounts back on the system. I will see if our level II techs can determine what is sending email from the two account (but no gaurentees we can do it). I will update you soon.
     
  6. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    The full site backup will back up all data associated with that user, including emails and cPanel settings.

    Only WHM users can restore full site backups. As a result, you'll likely have to have your new hosting provider restore this backup for you.

    Note, to curb the same thing from happening again, you should consider having your users use stronger passwords.
     
  7. trochia

    trochia Member

    Joined:
    Aug 26, 2008
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Hold it?... You just said>> you're in cpanel and

    YES< a full backup !!

    Do it then ?? You said you have ( 2 ) accounts that need it?

    Do it twice...of course, not the same account :p

    It will give you an option, to putin in the root (home) DIR under that acct. You then Download the 2 files....Then delete them in WHM, or you also say:

    I'd make sure you YOU!!!! have a copy downloaded....FIRST...then tell them to do it, ( or you do it...then just recreate the the acct's...then "restore" from a backup in cPanel...
     
  8. apac

    apac Member

    Joined:
    Sep 8, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    sorry i just dont get it

    Yes make the full backup

    Yes download it

    No problems at all there.

    Where I don't understand is that in Cpanel or WHM I can find now option to restore from a FULL backup and my understanding is that this is only possible from WHM, but my provider has told me only dedicated servers are able to do this, not shared like my account.

    Quite frankly it seems like I should use a host that will provide this option just in case its needed
     
  9. apac

    apac Member

    Joined:
    Sep 8, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Thanks David But......

    The provider claims that if I do a full backup then scripts may have been hacked and compromised and all I will be doing is recreating the same problem again?????

    I suggested maybe a password change by the websites owners for emails and login might be all that was required but they came back with the above response.

    Quite frankly seriously considering changing providers
     
  10. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    That is correct. Additionally, only root-level users have access to this feature.

    The only way to have access to this feature is to be a root-level user. Typically that means having your own VPS or dedicated server.
     
  11. SageBrian

    SageBrian Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    415
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    NY/CT (US)
    cPanel Access Level:
    Root Administrator
    to be fair to the provider, without knowing where the problem/hack is coming from, you can't just guess that changing a password with solve it.

    They are correct that simply uploading a backup would bring you to the same compromised issue. If it was a simple as changing passwords, then did you do that? Did it stop the issue?

    You might need someone to check out the accounts and see what the exploit is.

    And it is not necessarily your provider's job to fix the issue. If anything, they are obligated to all users on the server to suspend or remove the hacked accounts. But not to fix the problems created by others.
     
  12. trochia

    trochia Member

    Joined:
    Aug 26, 2008
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    > You might need someone to check out the accounts and see what the exploit is.


    This is true, and just changing deleting and re-installing the same "poison" will not solve it.

    It could be deeper, and you did not mention "type of accounts... if simple HTML, or if they are also database driven... because if they got in to do this, you don't know how deep they got...and I know you don't know the permissions set up.

    re: My wholesaler has told me 2 accounts are being hacked and used to send mass emails.

    What you need to do here, is to "get" the "from" e-mail that is doing it...etc.

    If it's the "root" ( account name ), then IF html only site, pull down ALL files via FTP to your box, delete the acct in WHM... Recreate acct and upload etc.
     
Loading...

Share This Page