• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Plesk 12.x.x Backup Manager Encryption - Security Issue

Ricardo1234

New Pleskian
Hi all,

I have got the Plesk backup manager running scheduled back up jobs to a private FTP server without any trouble i've noted that even though that encryption and a very strong password is used at Plesk Backup Manager settings the file can be easily opened without anytrouble using 7-ZIP (opensource). This is surely a security breach or am I missing something?

Regards
Ric
 
well ... it explains how Plesk works however i still strongly believe this is a security fault.


Let's asume for a second that an wordpress/sugarcrm/zurmocrm/orangehrm/alfresco instalation is kept among the backed up files, ... these applications will have wp-config.php, settings.php, databases.php files that will store passwords for the databases or other services (cloud storage credentials) at the VM.


So, to be honest I cannot see much sense in encrypting only some passwords or other sensitive content while doing a backup leaving out other core content.


Taken from the Plesk backup manager:

"For security reasons, we recommend that you protect sensitive data contained in backups with a password. This particularly concerns passwords included into backups. Such protection makes it impossible for an attacker to obtain your data when the security of your backup storage is compromised." --- So I went ahead and ticked the relevant box and typed my strong password


Taken from the admin guide:

Plesk's encryption key. By default, all backups created in Plesk are encrypted with an internal key

The above sentences give a sense of false security and may even be perceived as misleading (they most certainly misled me)

Having said that, it’s obvious for me that Odin decides Plesk development route, but it's just my 2 cents.

(OP: maybe you would like to join both threads)

Regards
Ric
 
Last edited:
You quite right. Currently there are no special protection of user content in the backup. Plesk protects only its sensitive data, web content archived without any encryption. So end-user should care about backup security, if those backups are outside Plesk environment (Personal FTP storage or downloaded backup)
 
Not necessarily. And I’ll give you a very good example:


If some gains ADMIN access to a wordpress/drupal/other web applications install parts of the Plesk container file system, cron jobs, etc will be compromised and would undoubtably increase exponentially the chances of the system to be exploited with virus, rootkits, malware “indirectly” affecting Plesk. (as an analogy no point to build a metal wall if the door is still glass)

So, in other words ... if a wordpress installation is compromised the installations of malicious (or not) plugins can lead to the installations of rootkit, malware and virus at the container. I cannot see for a second how this would be good for any Virtuozzo container running Plesk and how you could consider Plesk not being affect if for instance the container is used to conduct a DDOS to a random host.

Example: https://github.com/leonjza/wordpress-shell
(this is a legit wordpress plugin)

I know there is a lot of if’s but that is how IT security is: “based on if’s”.


In other hand I do appreciate that the user should also be responsible to protect the backup but why not give “them” a hand? Why not ask for two distinct passwords? One for the Plesk encryption and another for the file systems. That way it wouldn't compromise each other. This would work wouldn’t it?

Do anyone know if this can be achieved creating a Plesk extension?
 
if you cannot write a extension to deal with the only way i can see this being done is to use a shell script to re-zip the backups xml.gz and upload it to an FTP server ... but this solution will certainly be outside Plesk scope (and that is a shame).

OP: Thanks for the quick reply
 
Back
Top