Disable FTP Delete for Backup Security

Introduction

Backing up a web server with FTP is a popular choice. However, it's hazardous to give the web server delete access because unauthorized users could delete the backups. This guide demonstrates how to configure vsftpd, a popular FTP server, to deny delete access. The web server and FTP server are physically separate in different datacenter locations. This guide uses WordPress and UpdraftPlus, a popular backup plugin, but you can substitute any server and backup method that uses FTP to upload files. The FTP server configuration is the important factor in this example.

Prerequisites

  • Install a One-Click WordPress app.
  • Install the UpdraftPlus backup plugin in WordPress.
  • Install a Rcs Ubuntu 20.04 LTS server, preferably in a different location than WordPress, as the FTP backup server.

Install vsftpd

  1. SSH to the FTP server as root.

  2. Install vsftpd.

     # apt install vsftpd

  3. Create a user for FTP backups. Choose a strong password.

     # adduser ftp-user

  4. Edit the vsftpd configuration.

     # nano /etc/vsftpd.conf

  5. Uncomment the following lines to allow ftp-user to log in and create files.

     local_enable=YES
     write_enable=YES

  6. Add the following line to deny file deletes.

     cmds_denied=DELE

  7. Restart the vsftpd service.

     # systemctl restart vsftpd

This completes the FTP server setup. The ftp-user account uploads files to /home/ftp-user.
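
A check for this configuration, as an added example that is not part of the original guide: cmds_denied lists individual FTP commands, and DELE covers file deletion only, while rename (RNFR/RNTO) and directory removal (RMD) are separate commands. The script reports which of those four a vsftpd.conf does not deny; the list in WANTED is this example's assumption, and the UpdraftPlus test below should be repeated after denying more commands.

```shell
#!/bin/sh
# Added example: report destructive FTP commands that a vsftpd.conf does not deny.
# WANTED is this example's assumption of what to block, not a vsftpd default.
WANTED="DELE RMD RNFR RNTO"

# missing_denied_cmds FILE
# Prints the commands from WANTED that are absent from the last uncommented
# cmds_denied= line in FILE (assumed to be the one in effect).
# Empty output means every command in WANTED is denied.
missing_denied_cmds() {
    conf=$1
    # vsftpd.conf lines are option=value with no spaces; '#' starts a comment line,
    # so anchoring on ^cmds_denied= skips commented-out settings.
    denied=$(sed -n 's/^cmds_denied=//p' "$conf" | tail -n 1 | tr -d ' \r' | tr ',' ' ')
    missing=""
    for cmd in $WANTED; do
        case " $denied " in
            *" $cmd "*) ;;                      # already denied
            *) missing="$missing $cmd" ;;       # still allowed
        esac
    done
    echo "${missing# }"
}

# Stand-alone use: audit the file given as $1, or /etc/vsftpd.conf if readable.
target=${1:-/etc/vsftpd.conf}
if [ -r "$target" ]; then
    result=$(missing_denied_cmds "$target")
    if [ -z "$result" ]; then
        echo "$target: all of [$WANTED] are denied"
    else
        echo "$target: not denied: $result"
    fi
fi
```

cmds_denied cannot stop an upload from replacing an existing file of the same name, so consider moving completed backups out of the upload directory on the FTP server.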

Configure UpdraftPlus Backups

  1. Navigate to the UpdraftPlus setup screen on your web server.

     https://www.example.com/wp-admin/options-general.php?page=updraftplus

  2. Click the Settings tab.

  3. In the Choose your Remote Storage section, click the FTP icon.

  4. In the FTP configuration section, enter the server, login, password, and remote path. For example:

     • FTP server: example.com
     • FTP login: ftp-user
     • FTP password: YourStrongPassword
     • Remote path: /home/ftp-user

  5. Click the Test FTP Settings button. Verify the test is successful.

  6. Click the Save button at the bottom of the page.

Test the Backup System

  1. Navigate to the UpdraftPlus backups page.

     https://example.com/wp-admin/options-general.php?page=updraftplus

  2. Click the Backup Now button.

  3. Choose your backup options from the popup and start the backup.

  4. SSH to the FTP server as root.

  5. Check the backup folder.

     # ls /home/ftp-user

     Verify the new backup exists. It usually consists of several files.

  6. On the UpdraftPlus backup page, click the Delete button next to the new backup.

  7. Select the option Also delete from remote storage in the popup confirmation.

     When finished, the web console shows that UpdraftPlus deleted the backup. However, if you check the FTP server, the files are still there, because the FTP server ignored the delete command.

     # ls /home/ftp-user

  8. On the UpdraftPlus backup page, click the Rescan remote storage link. UpdraftPlus discovers the backup files still exist and adds them back to the list.

Conclusion

This configuration prevents a website attacker from deleting your backups. However, there is a trade-off between convenience and security. As a side effect, UpdraftPlus can no longer automatically expire old backups. You may need to configure an expiration task on the FTP server.
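
One way to implement the expiration task mentioned above, as an added example rather than part of the original guide: a script for root's crontab on the FTP server that removes files older than a set number of days, but only while newer backups keep arriving. The script path, schedule and 30-day retention are assumptions.

```shell
#!/bin/sh
# Added example: age-based expiry for an upload-only backup directory.
# Run from root's crontab on the FTP server, e.g. (constructed schedule and path):
#   30 3 * * * /usr/local/sbin/prune-backups.sh /home/ftp-user 30

# prune_backups DIR DAYS
# Deletes regular files directly inside DIR that are older than DAYS days,
# but only if at least one newer file exists. If uploads have stopped,
# nothing is removed, so the last good backups are never aged out.
# Prints the number of files deleted; returns 1 if it refused to prune.
prune_backups() {
    dir=$1
    days=$2
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    case $days in
        ''|*[!0-9]*) echo "DAYS must be a whole number" >&2; return 2 ;;
    esac

    # Count by emitting one dot per file, so odd filenames cannot skew the count.
    fresh=$(find "$dir" -maxdepth 1 -type f ! -mtime +"$days" -exec printf . \; | wc -c | tr -d ' ')
    if [ "$fresh" -eq 0 ]; then
        echo "no backup newer than $days days in $dir; refusing to prune" >&2
        echo 0
        return 1
    fi

    old=$(find "$dir" -maxdepth 1 -type f -mtime +"$days" -exec printf . \; | wc -c | tr -d ' ')
    # -type f skips symlinks and directories; '--' protects against names starting with '-'.
    find "$dir" -maxdepth 1 -type f -mtime +"$days" -exec rm -f -- {} +
    echo "$old"
}

# Stand-alone use: prune-backups.sh DIR DAYS
if [ "$#" -ge 2 ]; then
    prune_backups "$1" "$2"
fi
```

Because the age test uses each file's modification time, set mdtm_write=NO in /etc/vsftpd.conf so FTP clients cannot change it.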
