BountySite offers with a very unique and first in industry, to provide MySQL database backup over HTTPS using PHP script.

Why MySQL over PHPS?

I am going to talk about why I built this feature and is a crucial element in database backup.

Opening MySQL Firewall port

Shared hosting providers are reluctant to open MySQL ports for external IP address for running remote backup:-

  • citing security
  • wanting to upsell to VPS

The chances are high that IP address will not be opened to run a direct MySQL backup. Website backup is crucial, irrespective if running on shared or dedicated environment.

Security concern

Having remote backup over the net is not very secure for data transmission. Also, it is commonly preferred to run MySQL over localhost than on public IP address. If MySQL is running on localhost, then it is not possible to do a remote offsite backup.

Solution

I came up with an idea to backup MySQL database over HTTPS, using php script. Most MySQL servers run on linux hosting servers offering PHP execution. So, a simple PHP script was needed which will accept only requests coming from BountySite storage nodes and connect to MySQL running on localhost and perform backup/restore. We can upload the PHP script in a folder, and invoke the script from a HTTPS URL.

What if the PHP script is called by someone else?

The PHP script does not store any credentials, but only accepts credentials sent over POST data, over SSL. It also takes a token(like a password), and a specific User Agent, which is set by BountySite only.

Token and User Agent can be copied and used elsewhere too

Yes, someone with access to hosting account can download and see the script. But again, it does not store database credentials.

The PHP script accepts the request from BountySite storage node, containing database credentials, and connects to MySQL host. The backup data is then transferred back to the Storage node. This is very close to running a mysqldump.

MySQL restore works in the same way too. Only adding to the fact that MySQL commands are also sent along with db credentials, that are directly executed. This is same way as running a direct mysql restore.

Since we use tokens, every site has its own version of PHP script, that can be downloaded from the Control Panel. PHP script cannot be used for another site backup.

The script has also been optimized for backup/restore of large databases.

That is all about BountySite's unique MySQL over PHPS feature.