Security

rssnapshot – How to backup files / website to remote backup location?

Ananda Raj Pandey1 Comment

How to backup files from one server to another server using rssnapshot?

Server-Backup-Cloud-Backup

In this tutorial, we will setup backup in on server, which will pull data from main server as  backup files. This way, if the main server goes offline, all our important files will be there in backup server. For this we will use ‘rsnapshot’. rsnapshot is based on rsync and can be used to backup in remote server or different server.

Since we are backing up in stand alone or different server, all the setup we are doing is in backup server. Before we start with rsnapshot make sure your backup server has ssh access to your main server. To enable ssh in backup server please read this article to create ssh login.

We also need third party repository called EPEL, so that we can install rsnapshot by ‘yum’ command.

1) Install rsnapshot via Yum:

yum install rsnapshot

if you get message like package not found, them please update your repository with EPEL.  To update your repo follow following:

RHEL/Centos 7 64-Bit:

wget http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-0.2.noarch.rpm
rpm -ivh epel-release-7-0.2.noarch.rpm

RHEL/Centos 6 64-Bit:

 wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

  RHEL/Centos 6 32-Bit:
  wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
  rpm -ivh epel-release-6-8.noarch.rpm

 2) Setup Config File:

vi /etc/rsnapshot.conf

In config file we are intend to do two things:
a) setup the interval for backup.
b) Setup location from where we need backup files and where to store it.

a) Set snapshot_root to path where you want to keep the backups:

snapshot_root   /root/rsnapshot/

b) Set up the list of directories/files to back up.

look for “backup” text in config file, its in lower part of the file, here we can set multiple backup source and detination.  format is

 backup    <source>    <destination>

please note directory required trailing slash.  so /etc is wrong while /etc/ is right format. And seperator is ‘TAB’  not just a space.

c) few examples of backup path setup.

i) If we want to back /folder/ from one location to another in same server we can do the following.

backup /folder/            localhost/

here every contain of /folder/ is backed up to /root/rssnapshot/localhost/
ii) Backing up files from remote server to current backup server.
Make sure you have ssh login access from backup server to remote server ( no password setup).

backup    root@example.com:/home/mywebsite/   mywebsite/

here all the files of /home/mywebsite/ form remote server example.com will be backed up to /root/rsnapshot/mywebsite/ folders.

ii) Backing up mysql files to remote location.
Best way to backup mysql is create folder in your current server and run the cron script to dump mysql, and backing up that folder from remote rssnapshot script. But you can also find pre-created scripts in rssnapshot package.

a) copy script from rssnapshot utility.

cp /usr/share/doc/rsnapshot/examples/utils/backup_mysql.sh /usr/local/bin/

b) give proper permission to the file.

chown root.root /usr/local/bin/backup_mysql.sh
chmod o-w /usr/local/bin/backup_mysql.sh

c) edit script to suite your needs.

vi /usr/local/bin/backup_mysql.sh

d) Now finally edit rssnapshot.conf file to runbackup

backup_script   /usr/local/bin/backup_mysql.sh  localhost/mysqldump

 d) Setup backup interval:

interval        hourly      6
interval        daily         7
interval        weekly     4
interval        monthly    3

This will take backup every six hours on a day. Define your own schedule as per your requirements.

3) Check config:

# rsnapshot configtest

4) Running Backup:

a) manually running

 rsnapshot hourly

b) running as corn job

vi /etc/cron.d/rsnapshot

and paste following lines, you can change the timing as per your requirement.

 0 */4		* * *		root  /usr/bin/rsnapshot hourly
 30 3  	* * *		root	/usr/bin/rsnapshot daily
 0  3  	* * 1		root	/usr/bin/rsnapshot weekly
 30 2  	1 * *		root	/usr/bin/rsnapshot monthly
Ananda Raj PandeyLeave a comment
website hacked? what next
website hacked? what next

“My website has been hacked! What should I do?”

Being hacked is every website owner’s worst fear.

It can happen to anyone — even to the most experienced ones. After all, hackers are everywhere and we can be a tad lenient with our guards down. Ironically, most of us are not even aware that our site has been hacked especially if the hackers are taking extra steps to cover their tracks. This way, they can use your site as long as they want to do their dirty tricks.

Before we discuss the different steps on what to do when your site gets hacked, it is important that we should know the typical ways hackers access other people’s websites. This way, we can take precautionary measures to prevent this from happening (again).

The first and easiest way to hack a site is by guessing the password. So make sure that your password is a combination of letters of different cases, non-alphanumeric characters, or a mixture of both. Never use your personal information as your password. Another way to hack a computer is using malware to access someone’s log-in information. If you are using outdated software with vulnerable security in your PC, it also opens up your site for hackers to prowl around. Hackers can also hack into someone else’s website that shares the same server with you and use it to access your site. This is the reason why for security reasons, it is best to avoid cheap hosting providers!

What should you do when your site is hacked?

1. Stay calm. The discovery that your site has been hacked can be downright scary. I remembered the time a colleague of mine discovered her email account got hacked. She was so overwrought that she looked so pale and disoriented that she can’t think straight. You have to keep calm and remember that everything will be fixed in time.

2. Ask for help. Let everyone know that your website has been compromised. If you do not have the technical expertise to deal with the problem, ask for assistance from your hosting site or anyone who is familiar with your site and configuration.

3. Supply the needed information for the tech person to restore your site. This would include your content management system log-in info, your hosting info, web and error logs (you can get this from your hosting site) and file backups. Thus, it is vital that you should back up your files regularly in case something like this happens again.

4. Make sure to get your site offline while it is being fixed.

5. Clean up your site. Once you provide all the information needed, cleaning your site will start.

This process would include:

a. Changing all your passwords
b. Making a backup file
c. Examining the log files to determine how and when your site was hacked
d. Checking software extensions to make sure they are up-to-date
e. Cleaning and putting the site back online

I always believe that things, however worse it may be – happen for a reason. There is always a valuable lesson to be learned, mistakes to be avoided and knowledge added. Having your site hacked is no fun.

However, you can take steps to make sure it does not happen to you. After all, it is always better to be

safe than sorry.