One of my blog user “Chris” asked for FTP clean up script, so here it is:
//CONFIG SECTION
//*******************************************************
// Credentials for FTP Server
$source_server_ip = "your_domain_or_IP"; // Server IP or domain name eg: 212.122.3.77 or ftp.domain.tld
// Credentials for FTP account
$ftphost = "ip_or_hostname_of_ftp"; // FTP host IP or domain name
$ftpacct = "userid"; // FTP account
$ftppass = "password"; // FTP password
$logs_dir = "/"; //FTP Remote Folder
$email_notify = 'your_email@domain.com'; // Email address for backup notification
$backupexpireindays=21; //3 weeks expire time in days, 21 days = 7*24*60
//END OF CONFIG SECTION
//*******************************************************
//Do not edit below this line
$backupexpireindays=($backupexpireindays*24)*3600; //convert it to seconds, 24 hours * 60 minutes * 60 seconds
// Delete any other backup with filetime greater than expire time, before create new backup
$conn_id = ftp_connect($ftphost);
$login_result = ftp_login($conn_id, $ftpacct, $ftppass);
ftp_chdir($conn_id, $logs_dir);
$files = ftp_nlist($conn_id, ".");
foreach ($files as $filename) {
$fileCreationTime = ftp_mdtm($conn_id, $filename);
//$date = date("F j, Y, g:i a", ftp_mdtm($conn_id, $filename));
//print "
Timestamp of '$filename': $date";
$fileAge=time();
$fileAge=$fileAge-$fileCreationTime;
if ($fileAge > $backupexpireindays) { // Is the file older than the given time span?
//echo "
The file $filename is older than Expire time :$expiretime ...Deleting\n";
ftp_delete($conn_id, $filename);
//echo "
Deleted
";
}
}
ftp_close($conn_id);
print "Remote FTP clean up Finish deleted files older than $backupexpireindays days";
?>
Enjoy !
There’s lots of advice on the net about how to setup a server with iptables to allow passive mode FTP. Below is the approach that we’ve found to be most effective.
Start by configuring your FTP daemon to use a fixed range of ports. We use 41361 to 65534 which is the IANA registered ephemeral port range. The exact config depends on what FTP software you’re using:
vsftpd
Edit /etc/vsftpd/vsftpd.conf and add the following lines:
pasv_min_port=49152
pasv_max_port=65534
proftpd
Edit /etc/proftpd.conf and add to the Global section:
......
PassivePorts 49152 65534
......
Now restart your FTP service so the changes take effect.
Next you’ll need to configure the ip_conntrack_ftp iptables module to load. On Redhat/CentOS just edit /etc/sysconfig/iptables-config and add “ip_conntrack_ftp” to the IPTABLES_MODULES like this:
IPTABLES_MODULES="ip_conntrack_ftp"
Next edit /etc/sysconfig/iptables and add a rule to allow TCP port 21.
The new line is marked in red:
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
Now restart the iptables service:
/sbin/service iptables restart
You can verify that the correct port range has been registered with lsmod like this:
lsmod | grep conntrack_ftp
and you’ll get something like this:
nf_conntrack_ftp 12913 0
nf_conntrack 79645 4 nf_conntrack_ftp,nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state
And that’s all it takes to get passive mode ftp working behind iptables.
P.S: If your server is behind a physical firewall and you are behind NAT, then you’ll probable need to load the “ip_nat_ftp” iptables module.
I was looking for a working script to take full backup (all files+databases+emails) manually or using cron services on my hosting server, each CPanel user by one. But most of the scripts are either old, totally unusable or commercial.
So I wrote one for my own use and sharing here so others don’t need to re-invent the wheel
password_auth($cpanel_account,$cpanel_password);
$xmlapi->set_port('2083');
// Delete any other backup with filetime greater than expire time, before create new backup
$conn_id = ftp_connect($ftphost);
$login_result = ftp_login($conn_id, $ftpacct, $ftppass);
ftp_chdir($conn_id, $logs_dir);
$files = ftp_nlist($conn_id, ".");
foreach ($files as $filename) {
$fileCreationTime = ftp_mdtm($conn_id, $filename);
//$date = date("F j, Y, g:i a", ftp_mdtm($conn_id, $filename));
//print "
Timestamp of '$filename': $date";
$fileAge=time();
$fileAge=$fileAge-$fileCreationTime;
if ($fileAge > $backupexpireindays) { // Is the file older than the given time span?
//echo "
The file $filename is older than Expire time :$expiretime ...Deleting\n";
ftp_delete($conn_id, $filename);
//echo "
Deleted
";
}
}
ftp_close($conn_id);
$api_args = array(
'passiveftp',
$ftphost,
$ftpacct,
$ftppass,
$email_notify,
21,
'/'
);
$xmlapi->set_output('json');
print $xmlapi->api1_query($cpanel_account,'Fileman','fullbackup',$api_args);
?>
You need to save it with .php extension (upload it to your server) and download include file from xmlapi.zip(right click->save as) and extract it to the same folder (on your web server). Create cron job from your CPanel or trigger it manually to get full backup in your FTP server, That’s it.
OR
You can fork from my git hub Repositories at cpanel-Fullbackup
Enjoy
Ever wanted FTP backups and automation for keeping backups of important file on off-peak time. I always love automation, so machines can do things automatically and help humans 🙂 Read the rest of this entry »