Support

Akeeba Backup for Joomla!

#26613 Best practise for backup folder

Posted in ‘Akeeba Backup for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Akeeba Backup version
n/a

Latest post by on Thursday, 29 December 2016 17:17 CST

webatelier47
Hello,

I am on Siteground hosting i would like to know what is the best practise for the backup folder where you put it ?

Thanks.

dlb
There is no one right answer. Your backup archives are a security risk in themselves. They contain the database passwords, possibly FTP passwords, lots of sensitive information you would not want falling into the wrong hands.

There are two disadvantages to the default location. First, it is a known location. It is pretty well protected but knowing where to look is a great advantage for a hacker. I'm dangerous, I know a lot about Joomla! and a lot about Akeeba Backup. I would not be able to bypass the .htaccess file in the default output folder. Second, if you uninstall Akeeba Backup, the default output folder is removed, along with any stored backups. The advantages are it is easy and works on all hosts.

If you move your backups to a location above the public_html folder, perhaps in a Backups folder there, you make it MUCH harder to access the stored backups and they are safe from being deleted if you uninstall Akeeba Backup. I do not use Siteground but I'm pretty sure they allow this. Those are the reasons that we recommend not using the default folder. But it works just fine either way.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

webatelier47
OK i understand, thank you.

dlb
You are welcome!


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

webatelier47
Hello, for more informations witch attributes for the folder i have choose 700 ?

Thanks.

dlb
That depends on the file ownership. If it works at all, then 700 is fine. If it does not work, it will not be subtle, the file just will not go there. If you are really paranoid, copy the .htaccess file out of the standard output folder into your new one. It prevents access from anywhere except your local server. It overrides the file ownership settings at the server level.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

webatelier47
OK thanks i have set 700 and the htaccess :-)

dlb
You are welcome!


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!