22 Feb Backup your own website with FTP
One of the most popular methods of accessing website files is FTP (File Transfer Protocol). This method is also useful for making a simple backup of your domain to a local machine. There are some caveats to FTP that you should be aware of before using it as your go-to backup method.
Pros of FTP
Abundance of FTP clients
There’s no shortage of excellent, user-friendly FTP software. Most of these clients allow you to store connection details for multiple servers; handy if you work with multiple websites spread out over multiple servers. They also support upload/download resume, multiple protocols (more on that later) and a ton of other options. Some of the most popular FTP clients are listed below:
Supported on most servers
Because FTP is one of the more venerable protocols on the internet you will find it is supported across pretty much all major OS platforms, especially Linux. All Simple Helix servers are built with FTP server software ready to be configured for your needs.
Separate users from system
FTP servers can be configured to have their own users that are separate from the system users. This can be an extra layer of security for your website: an FTP user account can be configured to have only read/write access to the contents of a specific folder and nothing else. This is very useful when a third-party developer needs access to update certain site files without administrator access to the rest of the server. An FTP user account can only perform file-related tasks such as add, change or delete. They cannot execute commands on the server itself.
Cons of FTP
Insecure by default
FTP is carried unencrypted between the server and the client, meaning FTP login credentials are transmitted in plain text. Packets could be intercepted and easily used by a third party to log into an FTP user account. This problem is easily eliminated by using an extension to the original protocol: FTPS (FTP with SSL/TLS encryption). Our technical support team Simple Helix will be happy to configure your FTP server to use FTPS.
Disallowed by PCI Compliance
If your domain is following PCI Compliance standards, then the ports used by FTP are closed from outside connections. While this is a little inconvenient, a secondary IP address on the server can be configured for use with FTP connections. Simple Helix provides two (2) public IP addresses for all Dedicated Servers making this configuration very easy to setup.
Added software to run
Using FTP does require running an FTP service on the host server alongside web server and email for example. While this does consume some slight resource usage, modern FTP server software is extremely lightweight, and even when actively transferring files there is no realized impact to host server performance.
“Flavors” of FTP
As mentioned before, there are several different protocols used on the Internet that fall under the “FTP” banner. Most modern FTP client software will work with any of these protocols, each with their own pros and cons. The three most common protocols are:
- FTP: File Transfer Protocol – The original
- FTPS: FTP with SSL/TLS – Verify the identity of parties involved with the file transfer
- SFTP: SSH File Transfer Protocol – Use account security already baked into the Linux OS
FTP and FTPS have been discussed above, but SFTP is a slightly different method of file transfer. SFTP uses the SSH connection to your server to perform file-related actions on the server. Like FTP and FTPS, users can only perform file actions and cannot execute server commands. However, unlike FTP and FTPS, SFTP uses your SSH credentials for logging in. If your SFTP password is compromised an attacker could log into the server via SSH as the FTP user and do much more than manipulate the website files.
Of the three, Simple Helix recommends using either FTPS or SFTP as your backup protocol of choice. Both of these protocols offer security that regular FTP does not, which keeps your data safe during transfer. However, FTPS does offer a little more security by having a user that is separate from the underlying operating system, meaning that a compromised FTP user doesn’t mean a compromised SSH user.
A Word About Databases
While FTP is great for backing up your website’s images, PHP files and other content, it’s not so great for backing up the database(s). This is because the actual database files are usually kept in a specific location outside the webroot of your domain. For this reason the FTP user can not directly access the database files. Backing up the file-based content of your website is only part of the procedure; without the database, the files are fairly useless. Additionally, due to the nature of databases, simply copying the database files without the database log files and other pertinent database engine information doesn’t produce a working backup.
To mitigate this issue for FTP backups you will need to do a database dump and then use FTP to transfer the resulting sql file. A database dump takes all the information for a database and compiles it into a single file in a format that the database engine can later import. This file can be considered a backup of the database at the time the database dump was executed. This process requires shell (SSH) access to the server along with your database user/password credentials.
The command to create a dump of a database on Simple Helix servers is mysqldump. A basic usage of the command is as follows:
$mysqldump -u DB_USERNAME -p DATABASE_NAME > DATABASE_NAME.sql
Take care to replace the capitalized words with the actual username and database name for your website. Running this command will prompt you for the database user’s password, and then it may run for a few minutes to complete, depending on the size of the database you’re exporting.
FTP may be the best fit for your backup process if you have a small website and are comfortable with performing database exports. If you would like some help setting up the FTP user account on your Simple Helix server, feel free to open a ticket from the client area or contact us today.