BountySite's modular design allows Storage nodes to be provisioned anywhere in the internet. Storage nodes store credentials for backup, and store actual data in industry standard AES-256 bit encryption.
Storage nodes of BountySite, independently establishes secure connection with the Hosting server, and securely backs up all files, for first time. Subsequent backups are done by comparing previous backups files and download only the changes. This helps us detect file changes and site owners can decide whether the change was unauthorized.
Optionally, storage nodes can be configured as per convenience as with BYOS. It is recommended that Storage Nodes be near to Hosting servers, for super fast backup and restores. Storage Node can be configured on cloud block storage too, at a location near to Hosting servers, to give reliable and fast backup. Optionaly site owners can also keep a copy of backup in any S3 compliant storage vendor or BackBlaze, by opting for Backup_Sync package.
Website files are revisioned using git revisioning system. Files and databases are revisioned separately, to give greater control on restores. If files need to be restored, there is no need to restore database. Database backup can be done using mysqldump directly, or over ssh tunnel(automatically, when protocol SFTP is chosen), or over Mysql over PHP on HTTPS. Every database backup dumps full data, but if there are no changes, it is not added to the revisioning system. Every change/revision/snapshot is marked by a commit time, in GMT, as the time the changes were recorded. The commit time is used as a reference for restores.
BountySite notifies on file changes, via mail and by a notifcation message in control panel.
BountySite runs several stages of operations on backed up files, like checking common CMSes versions, computing hashes of individual files, looking up malware hash db etc. BountySite introduces the unique Bounty security for websites, where 1$ bounty is charged for every severe Vulnerability/Threat. The above diagram illustrates internal flow of scanning of files on storage nodes. Scans are run securely on storage node, for higher level of data protection.
On every restore request, BountySite backups the current site contents and then performs a restore of requested revision/snapshot. On individual file restore, the particular file alone is downloaded and then restored.
BountySite provides with details of file changes per revision/snapshot and change history of a particular file.
BountySite schedules backup every day. Backup jobs are scheduled in a queue, and is run sequentially. A new backup job, requested via control panel, is pushed to the start of queue, to be picked up quickly for backup.
BountySite allows idle sites to be put under Stable Operating Mode, to revert back in changes, which are assumed unauthorized changes, to a snapshot/revision defined by site owner. This is useful for old idle sites, which are vulnerable, and most commonly targeted.
BountySite runs daily scans on site files, to detect new malware signatures, and also detects vulnerabilities which pose a threat to the site.
BountySite allows site owners to get their site online in case of unexpected server downtimes. The latest revision/snapshot is synced to provisioned disaster recovery node. Site owner can get the site back online by simply switching DNS entry to provided hostname. BountySite also allows to backup on Disaster Recovery node, by changing operating mode to Disaster_Recovery. This allows site owners to restore latest website on the actual Hosting server.