You can download Snapshots through a URL & Destination problems

So I am running a multisite and backup files weekly and databases daily for all sites. I have them uploading to my private S3 bucket to save space on my VPS. Thing is, it doesn't delete them after it has sent it to my S3 account and I can easily guess a URL and have a chance at downloading a snapshot of my database causing possible security issues. For zip compression, you could encrypt the zips and you should make it so you can guess URLs or have a bot guess them and have your database in the wrong hands.

  • Paul

    @Zach,

    I have them uploading to my private S3 bucket to save space on my VPS. Thing is, it doesn't delete them after it has sent it to my S3 account

    Go to Snapshots > All Snapshots. On this listing edit one of the snapshot configurations. In the section 'When to Archive' there is a field 'Maximum number of local archives'. This defaults to zero, which means keep all local snapshots. Set this to 1 to keep the last snapshot. Remember this is local to your server. Snapshot does not remove remote snapshots on AWS, Dropbox etc.

    I can easily guess a URL and have a chance at downloading a snapshot of my database causing possible security issues

    Hmm. Sorry, doubtful. The snapshot filename does have a pattern. The last part of the filename is a checksum so each filename is unique. I would suspect it is difficult to guess the full filename.

    Was not sure if you were referring to the local snapshot file or the ones on AWS. For AWS you would need to apply your own security. For the local snapshot files you can always move the snapshot file so it is outside of the web directory. Go to Snapshots > Settings. Then the section 'Folder Location'.

    For zip compression, you could encrypt the zips

    Yeah, would love to, but the problem is there is no universal encryption method via PHP. Some hosts install encryption modules, some do not. Much like the curl module, some are just wonky.

    and you should make it so you can guess URLs or have a bot guess them and have your database in the wrong hands.

    Thanks. Again see my previous answer. You can move the snapshot folder location outside of your web root. You can still access/download the snapshot archives via the snapshot admin interface or FTP if needed.

  • Paul

    @Zach,

    If I tell it to delete local copies, will I be able to download, restore, etc from the dashboard?

    Yes and no. The restore is not automatic. You need first to copy the file from Dropbox or whatever remote system back into the local server snapshot folder. Within Snapshot there is an import function which will re-add it to the snapshot queue. From there you can restore. We are working on some ways to restore from outside of WordPress in the event of a crash. But at the moment you would need to install the base WordPress system. Then perform the import restore. Somewhere I have a beta which will pull the archive from a remote URL. But the URL needs to be publicly accessible. So that means copy the archive to a public folder, then run the import, then remove it from public view. A pain but still better than downloading a 100Mb archive then uploading it to your server.

    That's fine, you should make the directory not web accessible to non-superadmins.

    Thanks. Will consider that for future.
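
A check for the advice in this thread about keeping the snapshot folder outside the web root, as an added example that is not part of the thread or of the Snapshot plugin. It reports whether a backup folder physically sits under the web root and lists zip archives reachable from the web root through symlinks; all directory and file names are constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example. Paths are constructed for the demo, not taken from the thread.

# Physical location of a directory (symlinks and ".." resolved).
canon() { (cd "$1" 2>/dev/null && pwd -P); }

# Prints "inside" or "outside"; returns 2 if either directory is missing.
backup_location() {
  local webroot backup
  webroot=$(canon "$1") || return 2
  backup=$(canon "$2") || return 2
  webroot=${webroot%/}
  # Trailing slash: /srv/www-backups must not count as a child of /srv/www.
  case "$backup/" in
    "$webroot"/*) echo inside ;;
    *) echo outside ;;
  esac
}

# Archives reachable by walking the web root, following symlinks (-L), so a
# link from the web root to an outside folder is reported too.
archives_under_webroot() {
  find -L "$1" -type f -name '*.zip' | sort
}

# Constructed tree: one folder in the web root, one sibling sharing its
# name prefix, and a symlink from the web root to that sibling.
make_demo_tree() {
  local t
  t=$(mktemp -d) || return 1
  mkdir -p "$t/www/wp-content/snaps" "$t/www-backups"
  : > "$t/www/wp-content/snaps/site-a.zip"
  : > "$t/www-backups/site-b.zip"
  ln -s "$t/www-backups" "$t/www/linked"
  echo "$t"
}

demo=$(make_demo_tree)
backup_location "$demo/www" "$demo/www/wp-content/snaps"   # inside
backup_location "$demo/www" "$demo/www-backups"            # outside
backup_location "$demo/www" "$demo/www/linked"             # outside (physical path)
archives_under_webroot "$demo/www"                         # lists both zips
rm -rf "$demo"
```

Reachable on disk is not the same as served: the web server's own access rules decide that, so treat the listing as a set of files to review or relocate.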
