DEV Community

Discussion on: A cron job that could save you from a ransomware attack

Collapse
 
ejemba profile image
Epo Jemba

I have to disagree with the --delete option in this particular use case.
It defeats the purpose of the article.

Ransomware will delete your files replacing them with their crypted version.

Then your backup process with --delete, will ... delete your sane files ...
I don't think it is what you want for your backup process to prevent ransomware ...
Same stuff for you snapshots. Sane backup could vanish ..

In ransomware case, a good indicator can be the percentage variation of changes in files.

Collapse
 
nylen profile image
James Nylen • Edited

I think you misunderstood my comment: you only add --delete after you have snapshots working properly. Then the files only disappear from the latest backup, but they are still present in all previous snapshots.

If you set this up correctly - and you understand what it is doing, which is always important - then it is a good system with no risk for data loss.