Support

Akeeba Backup for Joomla!

#27156 Amazon S3 Secret Key Security

Posted in ‘Akeeba Backup for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Akeeba Backup version
n/a

Latest post by on Sunday, 19 March 2017 18:17 CDT

Accredited Design
EXTREMELY IMPORTANT: Please attach a ZIP file containing your Akeeba Backup log file in order for us to help you with any backup or restoration issue. If the file is over 2Mb, please upload it on your server and post a link to it.

Description of my issue:
Just a question:
How secure is the Amazon S3 secret key in the Akeeba Backup configuration, aside from it being hidden visibly by bullets?
What I'm getting at is that my web clients have superadmin access to sites I build for them, so is it impossible to hack around and reveal the key? Is it stored unencrypted in the SQL DB?
Obviously I'm hoping it's impossible. Thanks.

dlb
Nothing is impossible, would you settle for highly unlikely? In Options (upper right corner of the Control Panel screen) on the Security tab, you need to set "Use encryption" to Yes. That encrypts the configuration settings, including the S3 secret key. So it is protected by more that just the asterisks, but virtually an encryption can be broken given enough time and resources.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!