Web Hosting Talk







View Full Version : Thoughts on automated backup soln


4umfreak
01-25-2010, 03:55 PM
I'm running a WHM account and use the common php script to trigger backups to a remote ftp server.

What I'm looking for here is some sense of how good / bad / scary it might be to further automate this solution. I can manage the programming side of it but want some thought from the community on how (in)secure it might be.

Here's the kicker. With a pure php solution triggered daily by cron, I need to edit / maintain a file and a cron job for each account. This is too much work, especially as I get more clients and things get moving.

Anyway to my point. Here's the system I'm building.

A) Cron script runs every 10 minutes to call a doMyBackup.php passing it a url parameter (E.g. ?myKey=0123456789)

B) Inside doMyBackup.php, the value of myKey is then passed to a script on a second domain requesting a page over https to get the password for a mySql database.

C) With the MySQL password, the doMyBackup.php script connects to its AccountInfo database to get the details for one account at a time. It will execute the cPanel backup for that account and flag that account as done for the day. Once all the accounts are done for that day, the script exits quietly.

D) On the remote FTP server another cron will move files out of the FTP root as soon as the upload is complete.

In order to compromise my sites a user would need three things:
1) The cron command to get the value of myKey required to fetch the database password.

2) The name, location and url structure of the magic script that provides the mysql password.

3) The location, name, username and password of the mysql database.

All the files used in this system have been chmodded to 600 and they're all placed in folders with long garbage names that contain an empty index.html file. All of the scripts will send me an email if someone calls them without the expected url parameters.

My biggest concern of course is the mysql database that has account usernames and passwords in one spot.

Is there any way - short of not doing automatic backups - that I can make this system more secure?

I'd like to keep all the account info in one place so that adding new accounts is easy and doesn't require testing and maintenance of individual files.

Am I looking for something that's not possible?

-4umfreak

thinkovi
01-25-2010, 04:05 PM
Why don't you get an off-server backup space with ssh access from which you can launch a backup script (rsync for instance) to copy over your accounts' files and also database data? This way, the original server doesn't need to run any cron; you simply access that server's data from a remote location (the cron would run on the backup machine, however).

As further advice, I suggest using sftp for data transfer between servers, with certificate authentication: http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Certificate_Authentication.html

Hope it helps
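
Added example, not part of thinkovi's post or any poster's code: a sketch of the pull model described above, run from cron on the backup machine with SSH key authentication, keeping the original poster's "flag the account as done for the day" step. The host name, key path, directory layout and the assumption that the SSH user can read `/home/<account>/` are placeholders.

```shell
#!/bin/sh
# Added example: pull-style backup run from cron on the backup machine.
# SRC_HOST, SSH_KEY and the directory layout are assumed placeholder values.
LC_ALL=C; export LC_ALL
SRC_HOST="${SRC_HOST:-backup@web.example.com}"
SSH_KEY="${SSH_KEY:-$HOME/.ssh/backup_pull_key}"   # path must not contain spaces
DEST_ROOT="${DEST_ROOT:-/srv/backups}"
STATE_DIR="${STATE_DIR:-/var/lib/pull-backup}"
DRY_RUN="${DRY_RUN:-0}"

# Accept only short lowercase alphanumeric account names, so a bad list
# entry cannot inject rsync options or escape DEST_ROOT.
valid_account() {
  case "$1" in
    ''|[!a-z]*|*[!a-z0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 16 ]
}

# Marker file recording that an account is already done for today.
done_marker() {
  printf '%s/%s.%s.done' "$STATE_DIR" "$1" "$(date +%Y-%m-%d)"
}

# Returns 0 = backed up, 1 = transfer failed, 2 = rejected name, 3 = done today.
pull_account() {
  valid_account "$1" || { echo "rejected account name: $1" >&2; return 2; }
  marker=$(done_marker "$1")
  [ -e "$marker" ] && return 3
  if [ "$DRY_RUN" = 1 ]; then
    echo "would pull $SRC_HOST:/home/$1/ to $DEST_ROOT/$1/"
  else
    mkdir -p "$DEST_ROOT/$1" || return 1
    # BatchMode: key authentication only, never fall back to a password prompt.
    rsync -a \
      -e "ssh -i $SSH_KEY -o BatchMode=yes -o StrictHostKeyChecking=yes" \
      "$SRC_HOST:/home/$1/" "$DEST_ROOT/$1/" || return 1
  fi
  mkdir -p "$STATE_DIR" && : > "$marker"
}

# Cron entry point on the backup machine: pull-backup.sh accounts.txt
if [ -n "${1:-}" ] && [ -r "$1" ]; then
  while IFS= read -r acct; do
    [ -n "$acct" ] && pull_account "$acct"
  done < "$1"
fi
```

With this layout the web server stores no account passwords and runs no backup cron; the only secret is the private key on the backup machine, and the account list is a plain text file of names.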

4umfreak
01-25-2010, 11:27 PM
Thanks for the idea thinkovi.

I'll give sftp a shot - I haven't tried to get that running yet but it seems like it might be worthwhile.

I do keep checking out the remote storage but haven't yet found one that suits me.

-M

thinkovi
01-26-2010, 07:04 AM
I have been using Steadfast for a while now (http://steadfast.net/services/backup.php); they do provide ssh access.

Ovidiu

Vinayak_Sharma
01-26-2010, 11:32 AM
Do you have a reseller WHM account or root?

If reseller WHM, then are all those cPanel accounts yours or are you reselling them?

If reselling, what if a user changes their account password?

4umfreak
01-26-2010, 11:37 AM
Yes, it's a WHM reseller account. As a web developer, the sites are either my own or those of my clients and I manage the cPanel accounts on their behalf.

Good point though, there's also a dependency on the chosen cPanel theme. I didn't bother rewriting my script to use the cPanel XML interface...

-4umfreak

Vinayak_Sharma
01-26-2010, 12:53 PM
Well, I just remembered that you can use your (reseller) password to access their accounts, if your host has enabled the feature, so a change in passwords is not a problem.

And if you can use their XML API it will be good for you.