• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Simple question about Plesk backups

M

msospc

New Pleskian
Server operating system version
AlmaLinux OS 8.x 64-bit
Plesk version and microupdate number
Plesk Obsidian Web Admin Edition - Version 18.0.67 Update #3
Good evening,

sorry, I wanted to set our plesk to make a backup on our remote PC that always remains on.

So we saw the entry: FTPS.

1742401908241.png

We have seen this simple guide, which explains how to install filezilla server on our remote PC:
www.iperiusbackup.net

Filezilla FTP Server Free - How to install and configure it

Filezilla Server is a free software to create your own FTP server in a few simple steps. It can be said that it is the server counterpart of the well known FTP client application Filezilla. Filezilla Server Free supports both FTP and FTPS, also using Let’s Encrypt (while Filezilla Client also...
www.iperiusbackup.net www.iperiusbackup.net

The question is:

1) By installing filezilla server do we expose our remote PC to risks of external access? (since the guide indicates to open network ports)

2) we have seen that it is possible to set: "FTP over TLS" by creating a LET'S ENCRYPT certificate. Question: does this certificate only encrypt communication or also protect access to the PC where the backups will be received? We would not like to remain only "username and password" as access.

3) Are there any other solutions that you recommend? We have seen that there is a plesk backup proposed in the plesk panel at about €49 per year (excluding space) or File Zilla Enterprise that costs €199 per year but includes space.

Thank you
 
Opening ports in the firewall will always expose you to risks. As long as the software you're using is kept up to date and have other checks in place (Fail2Ban for example) then you can lower the risks but it's still a risks. All web servers has that risks. If the remote server you're using for backup only needs specific IP addresses connected to it you can minimize the risk further by locking down the ports further by restricting it to said IP addresses of the plesk server (or servers).

As for certificate, it's for SSL only which only tells the client that it can be trusted assuming that DN matches up. If used for backups and not using a DNS name then honestly you don't need one since if you're making the connection via TLS it'll be encrypted anyways. It has nothing to do with signing in so if you rather not use a username and password then filezilla server is not what you want and what you do want will costs a lot of money since now you're talking enterprise level features.

As for other solutions, it depends on what you want to do. I have mine backup to an Amazon AWS S3 Bucket, others have it backed up to OneDrive or Google Drive, some has it backup to a FTP server, etc. So there's no wrong answer just depends on what your use cases are.

And if you ask me, I wouldn't rely solely on backups to one location but to at least 2 different locations and would also take snapshots (if it's a VM).
 
Thank you very much for your considerations.
I have carefully evaluated them.

I have seen that if I install FileZilla Server Free on my PC I can make an FTPS backup very easily and set a whitelist of the accepted public IP address.
So I think that the simplest solution could be that.

As you say, I don't need the LetsEncrypt certificate much, so I don't install it.
It seems to me a sufficiently secure solution for my needs.
Also, every month I manually make a backup of wordpress. So I'm calm.

Other questions:

1 - What do you think of the solution I chose?
1 - I understand that with FileZilla Free I can't install Fail2ban. Does anyone have experience? I would have added that function too.

Thanks
 
You must log in or register to reply here.

Similar threads

M
Issue Backup to FTPS server fails after upgrade to Plesk 18.0.64
Replies
1
Views
816
mjehlenz
M
enerspace
Internal backup over CIFS / SSHFS mount
Replies
12
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
H
Issue Backup failing to connect to remote FTP server
Replies
5
Views
3K
Peter Debik
P
Endre
Issue Unable to access the remote backup storage using SFTP
Replies
6
Views
3K
Endre
Endre
M
Issue FTP behind VPN - Connect it via Local IP
Replies
0
Views
3K
Mutate2546
M
Back
Top