• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • Our UX team believes in the in the power of direct feedback and would like to invite you to participate in interviews, tests, and surveys.
    To stay in the loop and never miss an opportunity to share your thoughts, please subscribe to our UX research program. If you were previously part of the Plesk UX research program, please re-subscribe to continue receiving our invitations.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question Simple question about Plesk backups

M

msospc

New Pleskian
Server operating system version
AlmaLinux OS 8.x 64-bit
Plesk version and microupdate number
Plesk Obsidian Web Admin Edition - Version 18.0.67 Update #3
Good evening,

sorry, I wanted to set our plesk to make a backup on our remote PC that always remains on.

So we saw the entry: FTPS.

1742401908241.png

We have seen this simple guide, which explains how to install filezilla server on our remote PC:
www.iperiusbackup.net

Filezilla FTP Server Free - How to install and configure it

Filezilla Server is a free software to create your own FTP server in a few simple steps. It can be said that it is the server counterpart of the well known FTP client application Filezilla. Filezilla Server Free supports both FTP and FTPS, also using Let’s Encrypt (while Filezilla Client also...
www.iperiusbackup.net www.iperiusbackup.net

The question is:

1) By installing filezilla server do we expose our remote PC to risks of external access? (since the guide indicates to open network ports)

2) we have seen that it is possible to set: "FTP over TLS" by creating a LET'S ENCRYPT certificate. Question: does this certificate only encrypt communication or also protect access to the PC where the backups will be received? We would not like to remain only "username and password" as access.

3) Are there any other solutions that you recommend? We have seen that there is a plesk backup proposed in the plesk panel at about €49 per year (excluding space) or File Zilla Enterprise that costs €199 per year but includes space.

Thank you
 
Opening ports in the firewall will always expose you to risks. As long as the software you're using is kept up to date and have other checks in place (Fail2Ban for example) then you can lower the risks but it's still a risks. All web servers has that risks. If the remote server you're using for backup only needs specific IP addresses connected to it you can minimize the risk further by locking down the ports further by restricting it to said IP addresses of the plesk server (or servers).

As for certificate, it's for SSL only which only tells the client that it can be trusted assuming that DN matches up. If used for backups and not using a DNS name then honestly you don't need one since if you're making the connection via TLS it'll be encrypted anyways. It has nothing to do with signing in so if you rather not use a username and password then filezilla server is not what you want and what you do want will costs a lot of money since now you're talking enterprise level features.

As for other solutions, it depends on what you want to do. I have mine backup to an Amazon AWS S3 Bucket, others have it backed up to OneDrive or Google Drive, some has it backup to a FTP server, etc. So there's no wrong answer just depends on what your use cases are.

And if you ask me, I wouldn't rely solely on backups to one location but to at least 2 different locations and would also take snapshots (if it's a VM).
 
Thank you very much for your considerations.
I have carefully evaluated them.

I have seen that if I install FileZilla Server Free on my PC I can make an FTPS backup very easily and set a whitelist of the accepted public IP address.
So I think that the simplest solution could be that.

As you say, I don't need the LetsEncrypt certificate much, so I don't install it.
It seems to me a sufficiently secure solution for my needs.
Also, every month I manually make a backup of wordpress. So I'm calm.

Other questions:

1 - What do you think of the solution I chose?
1 - I understand that with FileZilla Free I can't install Fail2ban. Does anyone have experience? I would have added that function too.

Thanks
 
You must log in or register to reply here.

Similar threads

M
Issue Backup to FTPS server fails after upgrade to Plesk 18.0.64
Replies
1
Views
734
mjehlenz
M
enerspace
Internal backup over CIFS / SSHFS mount
Replies
12
Views
1K
Sebahat.hadzhi
Sebahat.hadzhi
H
Issue Backup failing to connect to remote FTP server
Replies
5
Views
3K
Peter Debik
P
Endre
Issue Unable to access the remote backup storage using SFTP
Replies
6
Views
2K
Endre
Endre
M
Issue FTP behind VPN - Connect it via Local IP
Replies
0
Views
3K
Mutate2546
M
Back
Top