DBacked

Simple, secure database backup as a service 🛠️

5.0/5
About

DBacked is a command-line tool and SaaS product that creates, encrypts and stores backups of your MySQL, PostgreSQL or MongoDB database. It monitors your backups and sends you an email if a problem is detected. The CLI tool is open-source and free to use with your own S3 bucket.

Would you recommend this product?
4 Reviews5.0/5

I needed a painless way to manage the backups on my SaaS products and I just want it to work, DBacked just deals with it.

Pros:

Really Simple to get up and running

Cons:

As of yet, none.

Upvote (1)Share

It just works! And the fact that it's open source is awesome. The way it works is pretty amazing too: the database dump, encryption, compression and upload is all done in memory…

Pros:

Open source and extremely optimized

Cons:

Can't think of anything

Upvote (1)Share

While I have no reason to doubt the binaries embedded inside the agent (pg_dump, mysqldump and mongodump) are legitimate, I have no way of auditing them either. Additionally these binaries and their integrity checking is controlled by dbacked's servers, meaning they can be swapped arbitrarily at any time (by themselves or an attacker). I would need to see their source for these binaries, and a way of pinning which version I am using before I could seriously consider this product from a security perspective.

Pros:

Automating a problem I'd rather not think about

Cons:

Pre-compiled binaries inside "open source" agent, MD5 used for backup integrity

Upvote (1)Share
Thanks for the comment @jamescun ! I'm planning on adding a config field to change the binaries location. I've included the script I use to download and compile the binaries, it's very easy to use. Concerning MD5, it's only used for corruption detection, not for hashing password on anything else. The risks associated with a MD5 collision happening during the upload are almost non-existent. I'm using this because AWS S3 which only supports MD5 (https://docs.aws.amazon.com/fr_f...).