Customers occasionally ask me about Time Machine style backups for their servers, ie. the ability to go back in time to a given point and retrieve file(s) which have been accidentally modified or overwritten.
This is easy enough to do use rsync and hardlinks – that’s the topic of another post (or google it, this has been covered many times by others)
There is no doubt that this is a useful feature to have, however there is one major consideration many people overlook. You cannot plan on using the history as a recovery strategy should you discover unauthorized access to your system, as a hacker can easily modify your backups!
The solution requires creating the backup history on medium inaccessible to your server. An ideal scenario is a to have a mirror of your live server acting as a DR system, but locked down so there is no external access. The backup history can be stored securely on this machine, which provides the dual functions of failover system and secure backup history.