Greenhost.cloud
Active member
When disaster strikes, will your website survive? Share your strategies for creating effective backup plans with your web host. What tools do you use, and how often do you back up?
Backup Plans. Are You Prepared?
- Thread starter Greenhost.cloud
- Start date
Greenhost.cloud
Active member
This is great. Keeping backups in a location other than the data center hosting your data is a smart move.
I think the technology used is also important, using Raid can reduce risks on both the backup and host servers.
mxnhost
Member
Absolutely agree! Raid should be a standard practice.
bubblehost
Member
Absolutely.
We backup weekly, with the retention of 6 weeks.
When our on-prem servers go offline, we have backups in the cloud.
We also have UPS's.
Greenhost.cloud
Active member
Great. At least you won't lose a lot of data if something goes wrong.
Another way is to back up the database daily and the files weekly. This can cover a lot of problems.
bubblehost
Member
Yeah, the backups are definitely the most important.
I do backups by hand and also automated as well.
Backups are imperative if you value your business. A large percentage of firms or organizations that lose their data end up shutting down or drastically downsizing. Way better to be proactive than reactive.
Greenhost.cloud
Active member
That is an ideal customer for any provider.
This reminds me of a time way, way back I got called out to a site on a Friday afternoon that they were having IT issues. I turn up and find a couple of desktops completely infected with ransomware, including their accountants PC using Sage and they backed up the software to a crappy network NAS in their office, manually - also encrypted. The consensus from the managing director was that if the data can't be recovered then the business will go under.
I lost my weekend but managed to recover 99% of their data. Although businesses may have backups, it's important to ensure they are also properly isolated from the network to prevent scenarios such as this.
It's a great suggestion, but how does one go about isolating backups from the network in web hosting? Is off-site backup (another DC location) considered off network?
Two main points are:
A locked down firewall between the infrastructure providing web hosting, and the infra providing backups, at a minimum - nothing is allowed through the firewall unless it's a source IP, destination IP and destination port.
There should also be some sort of authentication that is required to access the backup server(s), every time. A example of this could be a rsync, sftp, scp session that is created to transfer the backups, requiring a password, or ideally a SSH key.
A lot of companies end up with their backups encrypted by ransomware because the backup storage is easily accessible over the network without those two points I mentioned. In the NAS example I gave, it was mounted as a SMB share on someone's desktop so it was easy for the ransomware to traverse. Since most of the hosting world runs Linux, SMB shouldn't be applicable but if a provider was simply mounting a remote backup filesystem on their local servers such as /mnt/backups then there's nothing to stop an attacker who has gained access to the server simply browsing to that directory.
Technically, even backing up your data to the same DC can be classified as off network because you can simply have two different networks that are firewall'd from each other. Of course, keep your backups off-site, though.
-
HostingDiscussion
A community for web hosting professionals and enthusiasts, since 2002.
