Announcement

Collapse
No announcement yet.

Direction of File Replacement functionality

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Direction of File Replacement functionality

    Your beta version has the new "backup and restore" functionality however, there are just two options to restore from: Acronis and cPanel. We use R1Soft off the server and most sites are also automatically backed up daily via Softaculous. Are there any plans to implement both of these or at least R1Soft?

    Since Softaculous backups arent so immune to infection (attackers often place malware in the backup folders) Im not sure how reliable that option would be. We do occasionally grab the database from that backup (after inspecting it) if it is more recent than the R1Soft copy. Still, I suppose if the detection was fast enough there might not be an issue.

    We are still left with the issue of the sudden appearance of new files where they ought not logically be. Since WordPress and just a handful of other apps (Joomla, Magento, PrestaShop, PHPList, DadaMail and 5-6 others) comprise 99% of what is commonly installed cant there be a comparison of what is found elsewhere in the herd and when new files appear outside the norm they are quarantined and the user is notified to accept or deny these additions? If they arent recognized a backup and then a rollback could be done wiping the restoration path first. To take it s step further there could be an option for the user to respond with password changes for cPanel/ftp/MySQL(in the case of MySQL the old password would be updated in and config files as not to break the app).

    I know its a tall order but we really need to address the whole payload. Also/alternately, if a file is infected can a scan be done to find all changes/new files within a period and quarantine those as well? Once an infected file appears I guess what has been done so far could marginally mitigate the damage until a human can respond.

    With the power of file replacement Id like to see if the manual process we now do be replaced:

    1. Find point/time of intrusion
    2. Roll back to snapshot prior to intrusion
    3. Change credentials
    4. Heightened monitoring for recursion for a set period.

  • #2
    We are working on R1Soft, yet it is not easy. We waited for ~5 months just to get API/example on how to use it. And it doesnt seem to fit our need (but we are hopeful). No plans for softaculous backup. We provide info on how other backup vendors might integrate -- but we just cannot support all of them out of the box.

    And yes, we are working on prevention/cure for different type of payloads, it is just a bit farther in the future.

    Comment


    • #3
      Hi, does it works with JetBackup? its very popular for cpanel.

      Regards,

      Comment


      • #4
        Hi, does it works with JetBackup? its very popular for cpanel.

        Regards,

        Comment


        • #5
          We are committed to support r1soft. The problem with R1Soft is that it takes them forever to answer, and we still dont have all the needed API to support backup restore with r1soft.
          Overall, we are planning to be backup agnostic. We will support few out of the box, and we will promote CloudLinux backup for those who dont have backup solution yet.

          Comment


          • #6
            Hello,
            weve patiently waited a long time for this and we havent gotten any word as to the progress. Frankly, it is puzzling to us that since R1soft has a cpanel plugin that allows a user to navigate the past backups and restore anything they wish, selectively, why that functionality would not be enough to convert into a program that would use the same connection method and just automate the restoration process. If a user can do it why cant you?

            Comment

            Working...
            X