Password in backup

First of all I would like to thank you for the great work.

I have three questions.

  1. is it possible to enter a password in the backup so that the file is secured?
  2. what is the root password of the root mysql user and how can you change it?
  3. why is the latest version of Apache not used? The version that comes with the distribution standard is always used.

best regards


Currently not, no.

Check $HESTIA/conf/mysql.conf, you can change the password and update the conf file (probaly also in /root/.my.cnf).

That’s a good question, will discuss with the team to probaly implement sury’s repository for apache2, infact we have already the php one.

Good point about password protecting backup files :+1:
I think it’s absolutely essential when the files are offloaded to a remote location.

1 Like

A tar file can’t be password protected. Neither the tar format nor the gz format has built-in support for password-protecting files

But you can use this in your script before pull/push from/to remote location

zip -P "$password" $DES/$PATH/$ /backup/$SOURCE_FILE.tar

and unzip $ will ask you for password before decompress

Maybe not best deal, but It works

1 Like

Can you please put that in later?

When will you discuss it?

As @changeme already specified, tar doesnt support any encryption - currently there is no plan to implement it.

Already done, we will do a test branch and check if it works properly, then do further decissions.

The test branch has uploaded to github, we would love if you could have a look and give us a feedback if it works properly:

How to test and install custom builds:

I can recommend Duplicati here. Daily backup to Google Drive w/ GPG protection.


  • GUI
  • Cloud support
  • Encryption (AES/GPG)


Duplicati is endeed a gem. I use it elsewhere but not for VPS buckup (just yet).

Unfortunately I don’t have a free server to test it on at the moment, but I hope you get feedback from others.

i have reinstalled hestiacp on ubuntu 18.04 but .my.cnf is no longer available. where is the root data now? was the file moved?

Use the command locate

[email protected]:~# locate my.cnf

It wil show you the right directions

[email protected]:~# locate my.cnf

The Branch core-sury-apache2 branch has been merged with the master branch.

A reinstallation is nearly never a good idea, why you did it? @eris is right with locate, also there is a folder in /root called hst_installer_backup (or similar, just on mobile here), which contains all backups from the installer script.

i have a new server and had to reinstall it. the command locate my.cnf gave no response but i found it now under /usr/local/hestia/conf. on the test server it is in /root.

funny that this has changed :).