[resolved] Simple Backup question

Thought I should show write access is enabled

root@li210-90:~# ftp dynamite.net.nz
Connected to dynamite.net.nz.
220-FileZilla Server version 0.9.36 beta
220-written by Tim Kosse (Tim.Kosse@gmx.de)
220 Please visit http://sourceforge.net/projects/filezilla/
Name (dynamite.net.nz:root): vm-ubuntu02
331 Password required for vm-ubuntu02
Password:
230 Logged on
Remote system type is UNIX.
ftp> cd temp
250 CWD successful. "/temp" is current directory.
ftp> put "/etc/php5/apache2/php.ini" "php.ini"
local: /etc/php5/apache2/php.ini remote: php.ini
200 Port command successful
150 Opening data channel for file transfer.
226 Transfer OK
69463 bytes sent in 0.91 secs (74.3 kB/s)
ftp>

Simple fix - used webmin!

Glad you solved your problem, but just a suggestion: Use SFTP. It's far more secure than FTP, which is unencrypted and open to anyone else stealing your data. Especially with backups, which often contain sensitive data (like passwords, encryption keys, database info, etc.), you really don't want to use FTP.

The simplest approach is to schedule a rsync on your home PC. This will avoid firewall issues (as you wont need to open that port on your router, since it wont be accepting incoming connection, but rather making outgoing connections). There are a lot of methods that would allow you to very bandwidth-efficiently do this as well, by only copying files that have changed or been updated, and only transfer those changes. Using another script, you can duplicate the folder each time after rsync to have a full archive of backups on your cheap, home storage.

Just a suggestion ;) But perhaps this way would also be better since your home PC initiates the backup. If your home IP changes, your internet is out, etc., you won't get weird errors on your server/webmin. You can make your scheduled task tolerant of errors, and simply retry later if things don't work (it can't connect, for example).

This method is also more secure in another sense, in that if ever your server becomes compromised, the attacker wont have full information to connect to your home computers. By doing things this way, your computer always initiates the connection and your server doesn't even need to know it exists, leaving your home network secure.

Thanks for that info, I will have a look into that, because webmin doesn't support incremental backups across ftp / ssh

Re ftp and security - I know how bad security is with ftp - in my home firewall I allowed ftp from my linode ip only.

Again, thanks for the help!

@modcar:

Thanks for that info, I will have a look into that, because webmin doesn't support incremental backups across ftp / ssh

Re ftp and security - I know how bad security is with ftp - in my home firewall I allowed ftp from my linode ip only.

Again, thanks for the help!

True, but if ever your linode becomes compromised, they could just tunnel their way right around your firewall :) By using SSH, you can limit it to pc -> linode authencation, and keep the port closed (unless you use it for other stuff too). You can also disable password auth, and stick with private keys.

Good luck, though. A reliable backup solution is well worth the invested time. ;)