So what can be best way to have a Backup of code and DB is it downloading Locally via http ? But i fear it is security risk as some hacker might get access to it .
I am looking into compress then encrypt the compressed file. But i dunno what encryption i should use and if linux CLI tool available for password protected encryption ?
Thanks Arshdeep
The community over at Hacker News raves about Tarsnap. As per the site:
Tarsnap is a secure online backup service for BSD, Linux, OS X, Solaris, Cygwin, and can probably be compiled on many other UNIX-like operating systems. The Tarsnap client code provides a flexible and powerful command-line interface which can be used directly or via shell scripts.
Tarsnap is not free, but it is extremely cheap.
You don't make that much sense here.
If downloading locally then you don't go over public networks, so it is not an issue.
Unless you meant simply to download. But the question is to download what?
On the other hand, the issue of securing the upload (for initial setup) and for maintenance is as equally important.
Securing your resources such as code repository and database is critical, but if you can have SSH access to your server you already have encrypted tunnel established and transferring files over that tunnel (scp) is quite secure; if paranoid (or in need) you can bump up security on SSH server setting to version 2 only.
If you're worried about transports, use SSH. I tend to use replication over an SSH tunnel to keep a MySQL database in sync. A backup of the version control server (which is not the same as the deployment server) is passed by rsync over ssh. If you want to encrypt files locally you could use gpg, which would of course not work in tandem with the database replication, in that case you'd be forced to use a dump or snapshot of your database at regular intervals.