Why don't web host run offsite backups?

LampNetworks said:
Even if cPremote was secure it isn't good practice to push backups anyway.
Click to expand...

who says. I would say its the best practice to push backups to a remote server.

Its no good keeping backups on the same server as the sites as if the server goes down so does all the backups.

we use cpremote and push the backups to a remote server and then even have the remote/backup server mirrored to a second server, so we have the backups on at least 2 other servers in different Datacenters
 
LampNetworks said:
It is better to have remote server 'pull' backups from web server. If you 'push' to remote server and your web server is compromised then your remote server is also vulnerable.
Click to expand...

so if your remote server is compromised then your web server is also vulnerable. It goes both ways, so it all comes down to what security you have in place on your servers
 
Last edited:
Unlike your web servers, your backup servers have no public interaction, there is no obvious target like a website / database etc... The safest way to secure cPremote backups would be to pull the backups (from backup server) to another server rather than push again.
 
easyhostmedia said:
who says. I would say its the best practice to push backups to a remote server.
Click to expand...

Lamp's method is more secure. If you want secure backups you should pull the backups off your server. If you push backups a hacker can compromise your cpanel server and then delete all of your sites and then go to your backup server and delete all of your backups.

If you push you are just wasting resources since if your main server gets attacked your backup server will also most likely get attacked.

If you pull your backups, an attacker cannot access your backups from your main server.

Its no good keeping backups on the same server as the sites as if the server goes down so does all the backups.
we use cpremote and push the backups to a remote server and then even have the remote/backup server mirrored to a second server, so we have the backups on at least 2 other servers in different Datacenters
Click to expand...

That's narrow thinking. As I have pointed out to you many times in the past, if you are to keep two backup servers its best to keep a local (dedicated) backup server and a remote backup server in case of local catastrophe.

The local backup server doesn't have to be the web server. You will speed up recovery times, especially for complete or bare metal recoveries, if you can recover from a local backup.

The numbers don't lie: http://www.hostingdiscussion.com/we...eb-host-run-offsite-backups-2.html#post170341
 
Last edited:
The offsite backup should be a supplement to the onsite backup, not a replacement. It can take days to recover with an offsite backup. Offsite backups are good in case there is damage to facility or the on-site backup system itself is inaccessible.
 
A nice trend these days is for hosts to offer direct Dropbox backup for their clients.
As someome mentioned before you should never trust your provider to back your data and rely on it. If you have mission critical websites and cannot afford downtime you should either subscribe for a 3rd party backup service or be sure (pay for exclusive backup service to you provider) or manage a daily backup yourself.
Some control panels, like Hepsia for example a daily backup of your websites to your own dropbox folder.
 
@nodepacket usually a good host will have gigabit connectivity to the Internet, so it will take a few hours to restore.

We use an offsite vault and the speed between them and using a more local different server is minimal.

We don't pay for incoming transit either so that's a bonus!
 
ughosting said:
@nodepacket usually a good host will have gigabit connectivity to the Internet....We use an offsite vault and the speed between them and using a more local different server is minimal.

We don't pay for incoming transit either so that's a bonus!
Click to expand...

gigabit internet connection between prod server and backup server? Show me a 15 minute transfer of 500 GB of remote data and then tell me where I can sign up for this service!

Maybe the internal connection/NIC/5e cable is 1 Gb.

Here are a couple of times required to transfer 500 GB of data:

Onsite, server to server with perfect fast Ethernet: 1 hr 11 minutes
Offsite, server to server with perfect T1: 32 Days

Also consider: Offsite backup companies will shut down service for periodic maintenance. Also for offsite recovery, if you still have some servers in production you may not want to use the same bw pipe for recovery as your customers are using for web services)
 
TiffanyH.AH said:
Why don't any Web hosts run offsite backups?
Click to expand...

We have been running off-site backups since day 1. This isn't just for clients' peace of mind, but for ours as well.

There are many cheap alternatives to doing this; when we were starting out, a backup to a VPS made sense, before moving to something expensive like R1Soft
 
We offer free basic off-server FTP backups for those that want it. Surprised at how many don't bother though(!)
 
It's often neglected due to the expense. The reality is that hosting businesses need to factor off-site data backup costs into their business models, because it's an absolute necessity.
 
Gaiacom_LC said:
It's often neglected due to the expense. The reality is that hosting businesses need to factor off-site data backup costs into their business models, because it's an absolute necessity.
Click to expand...

I think that when it's neglected due to expense, the true 'expense' hasn't really been calculated by the company; the cost of NOT having backups is infinitely larger than the few dollars a start-up hosting company will pay for a small bit of off-site storage.
 
TSHosting said:
I think that when it's neglected due to expense, the true 'expense' hasn't really been calculated by the company; the cost of NOT having backups is infinitely larger than the few dollars a start-up hosting company will pay for a small bit of off-site storage.
Click to expand...

I agree, but if a host is will to do research it is not that expensive

we have two KMV back up servers



250 GB
Storage

512 MB
RAM

1000 GB
Bandwidth

which were listed at $10 a month each, but with a promo code of $5 discount on each then we have both for a total $10 and we pay $6 a month for cPremote, so backups are taken daily to one of these servers and then this is mirrored to the other server
 
LampNetworks said:
The safest way to secure cPremote backups would be to pull the backups (from backup server) to another server rather than push again.
Click to expand...

I'll never trust 3-rd parties for scripts like cPremote etc. Our solution backup is to backup the accounts, and use 2 different location (different datacenters) to store the data. Let's say location A is taking backed accounts, and location B is syncing location A, so location B is a copy of location A. In location A we automatic removed any backup directory that is over 60 days. All this process is automatic, on cron, over SSH-keys connections, and ONLY allowed IPs to connect to those backup servers. I have seen too many bad things to take a chance using third parties programs, especially from "overseas".

Regards
 
Last edited:
It is mostly the clients responsibility to run backups. If you want that the host will do this for you - most host provide fully managed support which includes backups

Regards
 
You must log in or register to reply here.

Supporters

Back
Top