Connect Vaultpress AWS EC2 instance

0

For those that blog with WordPress and want to consider a good backup solution for their blog, there are a few options out there.  However, one that is pretty straightforward and seamless is Vaultpress.  It takes the heavy lifting out of backing up your WordPress files and database.  However, when it comes to information on how to get it configured with a site running on an AWS EC2 instance and SSH access, the details are a bit thin.  The following post will detail how to connect Vaultpress AWS EC2 instance via SSH that has WordPress running.  Vaultpress can backup a site without SSH or other connectivity running just by having the plugin installed and your API key configured.  However, for restore functionality you will need to have SSH or other protocol connectivity configured.

Connect Vaultpress AWS EC2 instance

There are a few steps that need to be worked through to get Vaultpress up and running:

  • First, you need to signup
  • Install the plugin and your API key
  • Connect Vaultpress via SSH or other means to EC2
    • Add a vaultpress specific user (don’t have to do this, but it is good practice, along with very strong password)

Adding a user

The particular environment I am using is an Ubuntu based VM in AWS.  So below are the steps I used to get a new user added as well as the SSH key provided by Vaultpress added to the new user.  Typically, you would have to generate a new keypair for the new user.  However, when you signup with Vaultpress, it will create a keypair for you and will display the public key you need for using with the new user setup.

Login as your ubuntu user and add a new user of your choosing for Vaultpress to connect with.

Follow the prompts.  It will ask you to add a password as well as firstname, phone number, office number etc.  Besides the password, you can just hit ENTER past these prompts.

Add your new user to the sudoers file:

Add the following line to after the comment line, “User privilege specification”:

Change to our new user:

We need to create a .ssh/authorized_keys file for our new user.  Make sure you are in your home directory:

Now, we need to get the public key that Vaultpress has generated for us and plug it into the .ssh/authorized_keys file that we just created.  Go to your settings page in Vaultpress and select SSH and hit the Show Public Key button.  Copy all the text, including the ssh-rsa in the beginning, but exclude the “Vaultpress” text at the end.

vault01-300x253 Connect Vaultpress AWS EC2 instance

AWS EC2 Network Security

You will need to allow Vaultpress to connect in your AWS EC2 security group if you are restricting SSH – and you should be.  Add a new rule to allow SSH access to Vaultpress CIDR range.  Take a look at the Vaultpress post here on those ranges https://help.vaultpress.com/connection-issues/

If you are not familiar with security groups or how to add rules to them, check out the detailed post here on how to get the groups setup and add rules:  https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html#security-group-rules

Testing

After you get the user name, password and public key setup on the EC2 side, you should be able to test your connection and save your credentials.  You will see the “green” status on SSH and that you are connected:

vault02-300x212 Connect Vaultpress AWS EC2 instance

Permissions

Make sure the user you create for Vaultpress has both read and write permissions on the files you want to backup/restore.

Final Thoughts

After getting the user to connect Vaultpress AWS EC2 instance, the plugin and service is pretty hands off.  The Lite version which is the cheapest solution is $5 a month and is quite a bit of security for that price – daily backups, offsite backups, 30 day history of backups, etc.  Hopefully, the above post will help any who run WordPress on EC2 to be able to connect Vaultpress up with AWS.