cPanel & WHM Version 82 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
 

Backups - encryption of backups (symmetric and asymmetric)

lorio shared this idea 3 years ago
Open Discussion

Allow to encrypt backup archives.


Allow use of two methods:

1. Symmetric encryption (one secret key)

2. Asymmetric encryption (aka public key encryption)


Looks like a encrypted apple iPhone is important, but saving complete cPanel backups without any encryption is fine.

I see here many requests for new backup destinations, but encryption has not yet been requested.

Comments (6)

photo
1

It's will be a good feature to put a password on the backup. For example with Amazon S3 (external system) without 2 step authentication ... We need this ASAP ! ;-)

photo
1

Six years have passed and the backups are still done uncrypted. Seems to be no real issue for most users here. Is everybody using a addon software for backup or why is the activity in that area so low (FTP/SSL as backup destination is missing too for years).

photo
1

I wish I knew. At tyhis moment I am pulling my hair trying to come up wit ha good way to produce automated backups either to encrypted files on the webspace, or putting them on another machine via sftp securely (no password auth pl0x, and no shell access).

But I have to conclude that the best way probably is some commercial backup service integrated with cpanel :(

photo
1

Hey everyone! @BobHoliday has started a conversation over on the forums about how best to go about uploading encrypted backups to his Amazon S3 server, and I thought the folks here might be able to provide some insight.


https://forums.cpanel.net/threads/encrypting-backups-sending-to-aws-s3-bucket.600027/


If you have thoughts, make sure to add them on that forum post!

photo
1

It is possible to develop this functionality yourself. If you know how to whip up a bash script, here is the recipe:

  • Let the script check whether the cPanel backup is currently running.
  • Encrypt the backup folder, using standardized means - eg, using GPG (you can use GPG both with a symmetric and asymmetric setup).
  • Ship the encrypted backup off to wherever you like.

Possible pitfalls:

  • This is merely for the complete server backup - it doesn't hook into the user interface or anything
  • Depending on how you develop this, it might temporary require additional diskspace
  • Nobody but you is responsible on supporting this, taking proper measurements to ensure security - eg, hardcoding an encryption key in this script is, well, bad practice to say the least

photo
1

We wanted to provide a brief update. We're not planning on this feature at this time. Make sure you're using your votes to let us know which features are important to you, and subscribe to the ones you'd like to get updates for.