Search the Community

Given the personal data that Blesta installations hold, in line with data protection laws, it would be appropriate for the backups feature to have encryption. Whilst the servers where Blesta are installed are likely to have extra security safeguards in place, the offsite backup locations are less likely to have the same security setups. Additionally, data may be offloaded to a different organisation which can create additional complexity. If the data were packaged encrypted, only the Blesta installation owner would have access to the data, negating any data protection issues with where the data is being offloaded to as part of the backup. Also submitted to: https://requests.blesta.com/topic/backups-encryption (posted here for awareness)

Hey all, Just wondering if there's a Right Way™ to access the systemEncrypt/systemDecrypt methods from within a module (specifically, a forked version of the Plesk service module). I've hacked it in for now, but it feels dirty and though it works I was wondering if there's a better way. Current 'solution': /** * Wrapper around systemEncrypt function * * @param string $string The string to encrypt * @return string The encrypted version of input string */ protected function encryptString($string) { if (!isset($this->Clients)) Loader::loadModels($this, array("Clients")); return $this->Clients->systemEncrypt($string); } /** * Wrapper around systemDecrypt function * * @param string $string The string to decrypt * @return string The decrypted version of input string */ protected function decryptString($string) { if (!isset($this->Clients)) Loader::loadModels($this, array("Clients")); return $this->Clients->systemDecrypt($string); } I don't actually use the Clients model anywhere, just load it so that I can have access to the systemEncrypt/systemDecrypt methods that are attached. I suppose the real question would be is it possible to add a bonafide custom Model to a module, as I'm storing the encrypted values in a table the module is creating for itself during install/upgrade. ie public function upgrade($current_version) { if (version_compare($this->getVersion(), $current_version, ">")) { // Upgrade to v1.0.2 if (version_compare($current_version, "0.2.3", "<")) { $this->Record-> setField("id", array('type' => "int",'size' => 10,'unsigned' => true,'auto_increment' => true))-> setField("client_id", array('type' => "int", 'size' => 10))-> setField("encrypted_field", array('type' => "varchar", 'size' => 255))-> ... setKey(array("id"), "primary")-> ... create("my_custom_table"); } } } $some_data = $this->Record->select()->from("my_custom_table") ->where("client_id", "=", $service->client_id) ->fetch(); $some_data->encrypted_field = $this->decryptString($some_data->encrypted_field); Not sure how I could wrap this up and have $this->MyModel->foo(), but I assume if it's possible it'd extend some base model class which would give me the encryption methods 'For Free'.

Hi, I have a question about the Encryption : http://docs.blesta.com/display/user/Encryption Let's say we encrypt our data. Is it still possible for us to go 100% custom later ? I mean : is it possible for us to migrate to another platform? Is there any way to get back our data as it was before in case if we see problems? What if we require to change the encryption passphrase someday - how can this be done? I know we can migrate from whm** and get back our encrypted data. I know Blesta is far better on this. I'm affraid we may not be able to get back our data if we use this feature. Someone can tell me more about this? Thank you, Carl