In part 2 of my series on offsite backups, I discussed how “pull” backups work with services like DropMySite, CodeGuard, and Jetpack Backup. The idea is that they connect to your website from outside and download the changed files one by one, along with the database. I argued that they were more efficient than other options, and that they had the added advantage of storing your data offline.
But what worried me at first (and still does) is the necessity of giving a 3rd party provider complete access to my website and cPanel. Let’s see why this is necessary and what the trade-offs are.
How to Connect Securely to Shared Hosting?
To be able to download files from your website, you need to give the backup service permissions to read everything in your website’s folder. The two methods of doing this are:
- FTP
- SFTP (SSH)
The disadvantage of FTP should, of course, be obvious. The credentials including the password are transmitted over plaintext, which makes it unbelievably insecure. In today’s world, no one should be using FTP. One thing about FTP however, is that you can restrict users to certain directories, which makes it easy to ensure that the privileges won’t be abused.
Ideally, SFTP or SSH is perfect. Not only is the data transmitted in encrypted form, you can also jail specific SSH users to certain directories and not allow them to poke their nose into other parts of your website.
Unfortunately, Shared Hosting Complicates SSH
There was a time when a lot of shared hosting companies didn’t even allow their clients to have SSH access. Now web hosts like NameHero allow you to open a support ticket to enable SSH access that’s jailed to their folder only.
But what you can’t usually do on shared hosting, is create a new Linux user that only has access to a specific subdirectory of your site. This is trivially done if you have a VPS, where you can just use a few command line instructions to get the job done. But web hosts don’t give their shared hosting clients the freedom to create new SSH users.
Sharing YOUR SSH Credentials
This means that if you want your 3rd party web hosting backup service to connect to your website, you have to give them your SSH username and credentials! This inherently makes me very uncomfortable. Someone with your SSH credentials has full access to cPanel and all your other functionality. It’s potentially extremely dangerous.
But what choice does one have? I can’t bring myself to use FTP, which is arguable a lot more insecure. At least here, you’re giving your creds to a trusted provider that has a reputation to upkeep.
Using Public Keys to Provide Access
One limited workaround is to allow your provider to access your site via a public key, instead of giving them your password. That way, you can revoke the key at any time from cPanel and disable access to it. Some hosting providers like DropMySite make this easy by allowing you to download their own public key as shown here:
Once downloaded, you can add it to your SSH keys from cPanel and allow the backup service to connect.
Database Connections are Encrypted
Database access on the other hand, is easier to live with. For starters, you can create a new user and assign it to the database that you want to backup. Second, remote connections to the database via something like port 3306 are encrypted by default, so you don’t need to worry about either your credentials, or the data being intercepted by a 3rd party.
Bottom Line
There’s no easy solution for allowing a 3rd party service to connect to your site to download files and databases when it comes to shared hosting. Best case scenario, you can configure it based on public keys, and this will allow you to retain a modicum of control over the access. Downloading the database however, can be done a lot more securely!
I’m a NameHero team member, and an expert on WordPress and web hosting. I’ve been in this industry since 2008. I’ve also developed apps on Android and have written extensive tutorials on managing Linux servers. You can contact me on my website WP-Tweaks.com!
Leave a Reply