Backing up your data is a popular option for securing your database. In order to create backup copies, you need additional hardware and to install a suitable backup structure. How do you secure your own network and web server against attacks and proceed to protect your databases?
Those who eschew regular server backups have no way of recovering lost files. Backups should always play an integral role for every server scheme, and the synchronization tool, rsync, is one example of the many backup solutions currently available on the market. The GPL licensed application is available for free and is responsible for transferring data from a source directory to the desired destination directory; this process can be carried out both offline or through a network. During the transfer, all files in the source as well as the destination folder are compared, ensuring that only changed files are copied during synchronization. This way of incrementally backing up data is both quick and does not use too much memory space in the process.
Cross-system data transfer
As defined per default, communication between output folders and destination folders is normally carried out through the transfer protocol TCP (port 873) – provided that a running rsync folder already exists. Access via an unencrypted remote shell (RSH) or an encrypted secure shell (SSH) should not pose any problems. rsync can operate on all conventional Unix operating systems, and due to Cygwin – a Linux-inspired software interface – it can also run on Windows. Furthermore, there are many different synchronization programs for Mac OS X, Windows, and Linux that draw on the rsync protocol. The software, rsnapshot, allows users to create complete, multilevel backups. It relies on rsync in its copying tasks and additionally creates hard links of all copied files that don’t take up any physical memory space.
The destination directory where the backup copy is to be stored can be located on the same computer or on an external storage device. Different hardware may be needed for this, depending on the size of the data. In some cases, a portable hard drive may suffice, while other times an entirely separate server may be required (e.g. when a network mirror is to be created). Thanks to its quick and compressed data transfer, rsync is especially well suited for synchronizing data with servers or devices with a weak data connection. Transferring between two computers at a data center is also a plausible application for rsync’s use. The following aspects comprise backups with rsync:
- No daily maintenance work required
- Compressed data transfer in network
- Possible bandwidth limitation of backup procedure
- Secure transfer via SSH connection
- Seamless transfer of large data volume
- Quick restoring from backups
Setting up rsync on Linux servers
In order to use rsync on Linux operating systems, install the protocol in the package (also called rsync) and set up your backups by entering terminal commands. As an alternative, you can also make use of applications such as Back In Time, rsnapshot (for regularly automated backups), or Unison. These make it possible to control backup processes via a graphical user interface. We have laid out an example that breaks down the most important steps for setting up and executing backup processes with rsync:
- As per default, rsync is already installed under Ubuntu. Should this not be the case, make up for the installation with the following command:
sudo apt-get install rsync
- Once rsync is installed, a host of commands are now at your disposal. These allow you to determine the source and destination directory as well as the backup options. The syntax of the commands is constructed as follows:
rsync -OPTIONS SOURCE TARGET
- The parameter SOURCE indicates the respective location of the files that are to be secured, while the directory is defined under TARGET. The placeholder, OPTIONS, can be changed through the settings for the backup copy.
- In order to copy all rights and source file owners into the backup file, the option -a, is recommended. It contains all the following settings that can also be used separately:
|-l||Copy symbolic links|
|-p||Keep file permissions|
|-t||Keep file time|
|-g||Keep source file’s group permissions|
|-o||Keep file owner|
|-D||Keep device files|
- Further important options for configuring the backup process:
|-u||Skip files that are more current in the destination directory|
|-v||Display all steps during backup process|
|-n||Start a test run|
|--bwlimit||Limit bandwidth; e.g. --bwlimit=30 (limit to 30 kbit/s)|
|--exclude||Exclude folder from synchronization; e.g. --exclude examplefolder (the folder ‘examplefolder’ will not be synchronized)|
|--delete||Compare directories and delete files that are no longer found in the source directory from the destination directory.|
|--stats||Show report on backup process|
- Making use of a test run with the command (-n) is worthwhile in order to check for the correctness of the given parameters and directories. Incorrect entries can lead to loss of data in the most inconvenient of cases. Files that are not copied as desired during the process are often done so due to missing access rights. Should this occur, try executing the command as an administrator.
sudo rsync -OPTIONS SOURCE TARGET
Securing Windows Servers with rsync
rsync also offers Windows users an interesting and affordable alternative to expensive backup software. Cygwin first needs to be installed before the transfer protocol can be used. By using the Linux-like software interface, many different Linux programs are also available for Windows operating systems. Here are the steps you need to follow for installation:
- Download Cygwin via cygin.com.
- Open the package manager, select and install the modules ‘rsync’ and ‘openssh’. After installation, setup a shortcut link on the start menu or the desktop.
- Open the Cygwin terminal with the shortcut link and start the SSH configuration via the command:
ssh-host-config (only possible if input prompt is started with administrator privileges via right mouse click)
- Answer the first questions with ‘yes’ and the question ‘Do you want to use a different name’ with ‘no’. Once this step has been completed, create a new user account with ‘yes’ and select a new password.
- Start the SSH service by entering the following command:
net start sshd
- Upon carrying out this final step, the encrypted synchronization with rsync on Windows is now set up, and, with the help of the known Linux commands, the service can now be used via the Cygwin terminal. It is important, however, to mind the typical paths for Windows as well as users and groups.