Managing Remote Backup Servers

By default, HSS backs up the files from the protected directories (excluding specified subdirectories and file types) to the local backup directory you specified when adding protected directories. To protect the local backup files from tampering, you must enable the remote backup function.

If a file directory or backup directory on the local server becomes invalid, you can use the remote backup service to restore the tampered web page.

Constraints

Only the servers that are protected by the HSS WTP edition support the operations described in this section.

Prerequisites

The following servers can be used as remote backup servers:

Linux servers whose Server Status is Running and Agent Status is Online

The remote backup function can be used when the Linux backup server is connected to your cloud server. To ensure a proper backup, you are advised to select a backup server on the same intranet as your cloud server.
You are advised to use intranet servers least exposed to attacks as the remote backup servers.

Adding a Remote Backup Server

Log in to the management console.
In the upper left corner of the page, click , select a region, and choose Security > Host Security Service.
Choose Prevention > Web Tamper Protection, click Configure Protection.
Click Settings under Protected Directory Settings.

Click Manage Remote Backup. In the dialog box that is displayed, click Add Backup Server. For details, see Table 1.

**Table 1** Backup server parameters
Parameter	Description
Address	This address is the private network address of the server.
Port	Ensure that the port is not blocked by any security group or firewall or occupied.
Backup Path	Path of remote backup files. If the protected directories of multiple servers are backed up to the same remote backup server, the data will be stored in separate folders named after agent IDs. Assume the protected directories of the two servers are /hss01 and hss02, and the agent IDs of the two servers are f1fdbabc-6cdc-43af-acab-e4e6f086625f and f2ddbabc-6cdc-43af-abcd-e4e6f086626f, and the remote backup path is /hss01. The corresponding backup paths are /hss01/f1fdbabc-6cdc-43af-acab-e4e6f086625f and /hss01/f2ddbabc-6cdc-43af-abcd-e4e6f086626f. If WTP is enabled for the remote backup server, do not set the remote backup path to any directories protected by WTP. Otherwise, remote backup will fail.

Click OK.

Enabling remote backup

Log in to the management console.
In the upper left corner of the page, click , select a region, and choose Security > Host Security Service.
Choose Prevention > Web Tamper Protection, click Configure Protection.
Click Settings under Protected Directory Settings.
Click Enable Remote Backup and select a remote backup server.
Click OK to start remote backup.

Follow-Up Procedure

Disabling remote backup

Exercise caution when performing this operation. If remote backup is disabled, HSS will no longer back up files in your protected directories.

Parent topic: WTP

Previous topic: Adding a Protected Directory

Next topic: Setting Scheduled WTP Protection

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot