FAIL - Backup security settings

[NikolayA]

Hi all,
I have some bug.
I set password for backup in Tools & Settings - Backup Manager - FTP Storage Settings
but this password don't implemented for backup.
Backups makes fine, but nothing passwords on it.
This is strange.

Also i have same bug for domains backup features.

 

[IgorG]

This feature means that content of backup will be crypted but not that backup will be protected by the password. Not all backup content is crypted, but only critical data, passwords, logins, etc. for example.
The password will be requested for restoring this crypted content of backup.

 

[NikolayA]

Igor,
Unfortunately you not right.
Just now i did checking for domain backup from this night.
No files with protection.

I think this is bug.
Version Plesk 12.5.30

 

[IgorG]

No files with protection.

What do you mean and what do you expect? Where is bug?

 

[NikolayA]

What do you mean and what do you expect? Where is bug?

I was extract all archives - nobody ask password.
Please explain with samples - which files and directories archiving with password protection.

Also i'm requesting add feature with full cover password for backups.

 

[IgorG]

Please explain with samples - which files and directories archiving with password protection.

In your archive you can open xml file like backup_*_info_*.xml and check passwords there. They will be encrypted.

 

[NikolayA]

In your archive you can open xml file like backup_*_info_*.xml and check passwords there. They will be encrypted.

This is insufficient.
Why you don't use ccrypt for encrypting all archives on the fly?
Your approach don't cover passwords from config files for CMS such as Wordpress, Joomla!, Drupal, phpBB etc.

 

[Dmitry Y.]

Actually Plesk backup password protection is not about protecting of end-user sensitive data, but it is a protection of the Plesk itself to avoid leak of the panel's passwords.
You can vote for backup encryption feature on UserVoice service, which is tracked by Plesk project managers
https://plesk.uservoice.com/forums/...ackup-password-protection-to-backup-manager-b

 

[NikolayA]

Actually Plesk backup password protection is not about protecting of end-user sensitive data, but it is a protection of the Plesk itself to avoid leak of the panel's passwords.
You can vote for backup encryption feature on UserVoice service, which is tracked by Plesk project managers
https://plesk.uservoice.com/forums/...ackup-password-protection-to-backup-manager-b

Good joke.
Ok, i will do this task himself.

 

[NikolayA]

I did my own casino with blackjack etc.