
Plesk 12.x.x Backup Manager Encryption - Security Issue

Ricardo1234

New Pleskian
Hi all,

I have got the Plesk Backup Manager running scheduled backup jobs to a private FTP server without any trouble. I've noted that even though encryption and a very strong password are used in the Plesk Backup Manager settings, the file can be easily opened without any trouble using 7-Zip (open source). This is surely a security breach, or am I missing something?

Regards
Ric
 
Well ... it explains how Plesk works; however, I still strongly believe this is a security fault.


Let's assume for a second that a WordPress/SugarCRM/ZurmoCRM/OrangeHRM/Alfresco installation is kept among the backed-up files ... these applications will have wp-config.php, settings.php, databases.php files that store passwords for the databases or other services (cloud storage credentials) on the VM.


So, to be honest, I cannot see much sense in encrypting only some passwords or other sensitive content while doing a backup, leaving out other core content.


Taken from the Plesk backup manager:

"For security reasons, we recommend that you protect sensitive data contained in backups with a password. This particularly concerns passwords included into backups. Such protection makes it impossible for an attacker to obtain your data when the security of your backup storage is compromised." --- So I went ahead and ticked the relevant box and typed my strong password


Taken from the admin guide:

"Plesk's encryption key. By default, all backups created in Plesk are encrypted with an internal key."

The above sentences give a sense of false security and may even be perceived as misleading (they most certainly misled me).

Having said that, it's obvious to me that Odin decides Plesk's development route, but that's just my 2 cents.

(OP: maybe you would like to join both threads)

Regards
Ric
 
You're quite right. Currently there is no special protection of user content in the backup. Plesk protects only its sensitive data; web content is archived without any encryption. So the end user should take care of backup security if those backups are outside the Plesk environment (personal FTP storage or a downloaded backup).
 
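The staff reply above can be checked rather than taken on trust. The following POSIX shell script is an added example (not Plesk's own tooling): it opens a dump the way anyone who can read the FTP share would and greps the usual application config files for plaintext credentials. It assumes the dump is a plain tar archive (Plesk dumps are tar containers; for a zip, swap `tar -xOf` for `unzip -p`); the config file names and password patterns are assumptions covering WordPress, Drupal, SugarCRM-style and Joomla-style configs, and the sample archive it audits is constructed inline.

```shell
#!/bin/sh
# Added example, not Plesk code: list the application config files inside a
# backup archive and report any line that still carries a plaintext
# credential. Assumes a tar archive (Plesk dumps are tar containers); the
# file-name and credential patterns below are assumptions covering WordPress,
# Drupal, SugarCRM-style and Joomla-style configs.

CONFIG_FILES='(wp-config\.php|settings\.php|databases\.php|configuration\.php)$'
CRED_PATTERN="DB_PASSWORD|'password'|\\\$(db_)?password"

# Print member:line:text for every credential-bearing line found in the
# archive given as $1. Prints nothing when the archive is clean.
audit_backup() {
    archive=$1
    tar -tf "$archive" \
      | grep -E "$CONFIG_FILES" \
      | while IFS= read -r member; do
            tar -xOf "$archive" "$member" \
              | grep -nE "$CRED_PATTERN" \
              | sed "s|^|$member:|"
        done
}

# Exit status 0 only when audit_backup found nothing.
backup_is_clean() {
    [ -z "$(audit_backup "$1")" ]
}

# Constructed sample: a tar archive laid out like a subscription dump with a
# WordPress and a Drupal site. Prints the archive path.
make_sample_backup() {
    work=$(mktemp -d)
    mkdir -p "$work/httpdocs/wp" "$work/httpdocs/drupal/sites/default"
    cat > "$work/httpdocs/wp/wp-config.php" <<'EOF'
<?php
define('DB_NAME', 'wp_shop');
define('DB_USER', 'wp_shop');
define('DB_PASSWORD', 'Tr0ub4dor&3');
EOF
    cat > "$work/httpdocs/drupal/sites/default/settings.php" <<'EOF'
<?php
$databases['default']['default'] = array(
  'database' => 'drupal',
  'username' => 'drupal',
  'password' => 'hunter2',
);
EOF
    printf '<?php echo "hello";\n' > "$work/httpdocs/wp/index.php"
    archive=$(mktemp -d)/backup.tar
    ( cd "$work" && tar -cf "$archive" httpdocs )
    rm -rf "$work"
    printf '%s\n' "$archive"
}

# Usage: sh audit-backup.sh /path/to/backup.tar   (no argument: audit the sample)
target=${1:-$(make_sample_backup)}
if backup_is_clean "$target"; then
    echo "clean: no plaintext credentials found in $target"
else
    echo "NOT clean: plaintext credentials in $target"
    audit_backup "$target"
fi
```

Run it against a real dump before trusting the "encrypted" checkbox; on the sample it reports the `DB_PASSWORD` line of wp-config.php and the `'password'` line of settings.php, which is exactly what 7-Zip shows the OP.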
Not necessarily. And I’ll give you a very good example:


If someone gains ADMIN access to a WordPress/Drupal/other web application install, parts of the Plesk container file system, cron jobs, etc. will be compromised, and that would undoubtedly increase exponentially the chances of the system being exploited with viruses, rootkits and malware, "indirectly" affecting Plesk. (As an analogy: no point in building a metal wall if the door is still glass.)

So, in other words ... if a WordPress installation is compromised, the installation of malicious (or not) plugins can lead to the installation of rootkits, malware and viruses in the container. I cannot see for a second how this would be good for any Virtuozzo container running Plesk, or how you could consider Plesk not to be affected if, for instance, the container is used to conduct a DDoS against a random host.

Example: https://github.com/leonjza/wordpress-shell
(this is a legit wordpress plugin)

I know there are a lot of ifs, but that is how IT security is: "based on ifs".


On the other hand, I do appreciate that the user should also be responsible for protecting the backup, but why not give "them" a hand? Why not ask for two distinct passwords? One for the Plesk encryption and another for the file system. That way they wouldn't compromise each other. This would work, wouldn't it?

Does anyone know if this can be achieved by creating a Plesk extension?
 
If you cannot write an extension to deal with this, the only way I can see this being done is to use a shell script to re-zip the backup's xml.gz and upload it to an FTP server ... but this solution will certainly be outside the Plesk scope (and that is a shame).

OP: Thanks for the quick reply
 
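The re-encrypt-and-upload script described in the post above, as an added example that is neither Plesk code nor a Plesk feature: it wraps a finished dump in a passphrase-protected envelope before it leaves the server, proves the envelope decrypts back to the original, and only then ships it. It assumes the `openssl` CLI (1.1.1 or newer for `-pbkdf2`) and `curl`; `FTP_URL` and the `/root/.backup-pass` passphrase file are assumed names. The passphrase is read from a root-only file rather than passed on the command line, where `ps` would expose it.

```shell
#!/bin/sh
# Added example, not Plesk code: wrap a backup dump in a passphrase-protected
# envelope so the web content inside (wp-config.php and friends) is unreadable
# to anyone who can read the FTP share. Assumes the openssl CLI (1.1.1+ for
# -pbkdf2) and curl. Caveat: `openssl enc` gives confidentiality only, with no
# integrity check; age or `gpg --symmetric` would add that.

# Encrypt $1 into $2 with the passphrase read from file $3.
encrypt_backup() {
    openssl enc -aes-256-cbc -pbkdf2 -iter 200000 -salt \
        -in "$1" -out "$2" -pass "file:$3"
}

# Decrypt $1 into $2 with the passphrase read from file $3.
decrypt_backup() {
    openssl enc -d -aes-256-cbc -pbkdf2 -iter 200000 \
        -in "$1" -out "$2" -pass "file:$3"
}

# Encrypt a dump, prove it round-trips, then ship it. Prints the path of the
# encrypted file. The upload (curl, TLS required) only runs when FTP_URL is
# set, e.g. FTP_URL=ftps://backup.example.net/plesk/ (assumed name).
ship_backup() {
    src=$1
    passfile=$2
    enc="$src.enc"
    encrypt_backup "$src" "$enc" "$passfile" || return 1

    # Never upload (or delete the original of) a ciphertext you have not
    # decrypted once: a wrong passphrase file would otherwise go unnoticed.
    check=$(mktemp)
    decrypt_backup "$enc" "$check" "$passfile" || { rm -f "$check" "$enc"; return 1; }
    if ! cmp -s "$src" "$check"; then
        rm -f "$check" "$enc"
        return 1
    fi
    rm -f "$check"

    if [ -n "${FTP_URL:-}" ]; then
        # --ssl-reqd refuses to fall back to plaintext FTP.
        curl -sS --ssl-reqd --upload-file "$enc" "$FTP_URL" || return 1
    fi
    printf '%s\n' "$enc"
}

# Usage: sh reencrypt-backup.sh /var/lib/psa/dumps/backup.tar /root/.backup-pass
if [ $# -eq 2 ]; then
    ship_backup "$1" "$2"
fi
```

Two things worth knowing before relying on this: the passphrase file is the new single point of failure, so keep it outside anything Plesk backs up; and because CBC mode carries no authentication tag, a wrong passphrase usually fails only through a padding error, and a tampered ciphertext may decrypt to garbage rather than be rejected, which is why an integrity-checking tool such as age is the better choice where it is available.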