Can you tell me about the security of UpdraftClone?

We have sought to make UpdraftClone secure by design, by default, and make sure that all your data remains private. Measures taken include the following:

  • When you create a temporary clone of your website with UpdraftClone, a new VPS (virtual private server) is started up, just for this clone. You share the virtual machine with nothing. There is no other website on the machine that can (if it were able to break out of its own constraints) touch your clone.
  • All clones have a fresh, unique SSL certificate registered for them, so that they can be accessed securely. The backup set for the site being cloned is also additionally encrypted in transit at the application layer.
  • All clones are run in a contained SELinux (security-enhanced Linux) environment.
  • The option to prevent non-administrators from logging in to the clone is provided. i.e. If you are cloning a site with other users, then even if one of those users should find the site, he still won’t be able to log in to it.
  • For the administrative shell on the server, at the operating system level, administrative login is forbidden, and password-based initial logins are forbidden. The only way that even our own staff can obtain administrative access to the server in order to provide any requested support is via two factors.

Posted in: UpdraftClone