On March 28th, 2018 at approximately 1:30 pm CST the server housing the cPanel Feature Request site’s hypervisor unexpectedly failed.
This failure resulted in the loss of data back to September of 2017. Read more in our announcement.
 

Backup Destination FTP with SSL/TLS support

lorio shared this idea 4 years ago
Open Discussion

Currently FTP as a backup destination is transmitting credentials and data unencrypted.


Even if used in the same datacenter to transmit unencrypted should not be used.


Support FTP over SSL/TLS (FTPS)

Best Answer
photo

I'm back with good news! This request has been added to the backlog of one of our feature teams! I don't know what version it will be developed for at this point, but as soon as we're committed to a version for it I'll let you know!

Comments (12)

photo
1

I'd really like to see this feature in WHM anytime soon. FTP is a real no-go as it's plain-text and SSH is not always possible.

photo
2

Plain FTP is really bad; we can't send private password in plain text. Please add TLS at least

photo
1

Please add support for this, The option for SFTP is not a suitable substitute as it's "SSH File Transfer Protocol" and not all destinations support it, but almost anything that supports FTP also supports FTP with SSL/TLS.

photo
1

Hey all! There's a team working in the backup system for version 66, and I'm going to see if they will consider this request for inclusion in the work they're doing. I'll let you know what I find out!

photo
1

Great to hear, hope they include it. :)

photo
photo
3

I'm back with good news! This request has been added to the backlog of one of our feature teams! I don't know what version it will be developed for at this point, but as soon as we're committed to a version for it I'll let you know!

photo
1

Very nice! This is a step in the right direction! I'm glad to see this is moving forward. :)

photo
1

Way overdue but good to hear.

photo
photo
1

any ETA on this feature ?

GDPR new privacy regulation in ITALY mandates data is encrypted during transfer,

customers with individuals data in their database or files, should make sure backups are transferred in a protected way.


FTPS should be and easy fix

photo
1

No ETA yet. For now, we recommend that folks needing the encryption use the 'rsync + SSH' transport method. The adjustments that need to be made are not small, unfortunately.

photo
photo
1

I do understand that implementing this takes time. Unfortunately, some don't have the luxury of waiting. For instance, a customer - who offer their custom web application 'as a service'. It is built on top of cPanel - using the wonderful APIs. Rather logical to use WHM/cPanels backup system, we'd say.

To work around this feature not being available just yet, they asked us to develop a script that takes care of this. Very basically put, the script encrypts the data pre-flight and ships it off to a remote location. I can't share the source code, as the agreement doesn't allow this.

The disadvantage of the current backup system, is that the remote location also has to offer some safeguards. Whilst SSH (and SFTP/rsync over SSH) does offer secure transport means, it doesn't do anything to secure the data itself. If cPanel were to offer this, that would be awesome. It isn't hard using standarized, secure protocols and userland utilities that come with most distro's - like GPG.

Do I need to make a seperate feature request for this?