Implementing a robust Hetzner backup strategy is essential to ensure your VPS data remains safe, accessible, und sicher. A reliable backup plan not only protects against accidental deletion, Hardwarefehler, and ransomware attacks but also provides peace of mind for administrators managing critical workloads. This guide outlines step-by-step methods, best practices, and tools to efficiently back up your VPS on Hetzner.
Understanding Hetzner Backup Options
Before setting up a backup, it’s critical to understand the storage solutions Hetzner offers. Hetzner offers Storage Boxes and Cloud Object Storage, each designed for different backup requirements. Storage Boxes are ideal for incremental backups via SFTP, SCP, or rsync, while Object Storage supports S3-compatible protocols for encrypted and deduplicated backups using tools like Restic.
Choosing the right service ensures your backups are efficient, cost-effective, and scalable. Key considerations when choosing Hetzner backup methods include:
- Storage type and cost: Plans start at a very low price, allowing for flexible expansion.
- Protocols supported: SFTP, SCP, rsync, Samba/CIFS, and S3-compatible APIs.
- Automation and security: Evaluate built-in encryption, snapshot support, and access control features.
Setting Up Your Hetzner Storage Box
To start backing up, a properly configured Storage Box is mandatory. Setting up involves activating the Storage Box plan, enabling SSH or SFTP access, and optionally creating sub-accounts for multiple devices. These steps ensure secure connections and efficient data management.
Here are the steps to set up a Storage Box:
WordPress Web Hosting
Ab 3,99 USD/monatlich
- Order a Storage Box
- Log in to Hetzner Robot and select a plan.
- After activation (usually ~3 minutes), you’ll receive credentials (Benutzername, password, server address).
- Enable SSH/SCP Access
- Navigate to your Storage Box settings and enable SSH and external reachability.
- Reset passwords if necessary; this ensures secure connections for rsync or Restic.
- Create Sub-Accounts (Optional)
- Useful for multiple users or devices.
- Restrict access to specific directories, Z.B., subuser1/backups.
- Test Connection
- Linux/macOS: ssh -p 23 [email protected]
- Windows: Use PowerShell or PuTTY.
- Ensure you reach the command prompt to verify access.
Choosing a Backup Method
Hetzner backups can be performed using rsync, Restic, or SimpleBackups, depending on your requirements for encryption, Automatisierung, und Plattformkompatibilität.
Rsync for Linux/macOS
rsync is ideal for incremental backups and simple folder synchronisation. It minimises data transfer by copying only changed files. For setup and usage:
Install rsync:
- sudo apt-get update
- sudo apt-get install -y rsync
Optional: Set up an SSH key for passwordless access.
Run backup:
Günstiger VPS -Server
Ab 2,99 USD/monatlich
- rsync -avh –progress -e ‚ssh -p 23‘ /home/user/data [email protected]:Backups
- Automate with Cron for scheduled backups.
Restic for Secure and Encrypted Backups
Restic provides encryption and deduplication, making it perfect for sensitive or large-scale backups.
Follow the steps:
- Install Restic (Linux/macOS/Windows)
- Configure SSH access to Hetzner Storage Box
Initialise repository:
- restic -r sftp:storagebox:/restic init
Backup data:
- restic -r sftp:storagebox:/restic backup /home/user/data
- Automate with autorestic or custom scripts for regular backups.
Automating Snapshots and Scheduling
Automation is key to a reliable Hetzner backup strategy. Snapshots can be manually created or automated via the Hetzner Console, ensuring multiple restore points without constant manual intervention. Here are the best practices for scheduling:
Windows VPS -Hosting
Remote Access & Full Admin
- Daily incremental backups for frequently updated data.
- Weekly full backups to maintain a complete dataset.
- Keep 10–40 snapshots depending on your Storage Box plan.
Security and Access Control
A robust backup plan must ensure data integrity and security. Use SSH keys instead of passwords, encrypt sensitive files when using rsync, and restrict access to specific directories for sub-accounts. Regularly monitor backups to verify their completeness and detect corruption early.
Using Hetzner Cloud Object Storage with Restic
For users requiring cross-platform and encrypted backups, Hetzner Cloud Object Storage combined with Restic is a powerful solution. Object Storage supports S3-compatible protocols, allowing seamless integration with Restic’s secure and deduplicated backups.
Implementation steps include:
- Set up Object Storage
- Create a bucket in Hetzner Cloud Console.
- Note your endpoint, access key, and secret key.
- Configure Restic environment variables
- export RESTIC_PASSWORD=your-secure-password
- export RESTIC_REPOSITORY=s3:hel1.your-objectstorage.com/bucket-name
- export AWS_ACCESS_KEY_ID=hetzner-access-key-id
- export AWS_SECRET_ACCESS_KEY=hetzner-access-key
- Run backups with advanced S3 options.
- restic -o s3.bucket-lookup=dns backup /path/to/data
- Automate using wrapper scripts
- Alias Restic commands to ensure correct environment variables and options are applied automatically.
This setup allows daily or hourly automated backups with encryption and deduplication, ensuring minimal storage usage and maximum security.
Cloud-Based Automation with SimpleBackups
For those who prefer a managed solution, SimpleBackups offers automation and monitoring for Hetzner VPS -Server -Hosting Backups. It reduces manual intervention while providing scheduling, Überwachung, and restore features.
Steps to configure are:
- Sign up at SimpleBackups.
- Create a storage target pointing to your Hetzner Storage Box (SFTP).
- Define backup jobs:
- Select files, Datenbanken, or full server backups.
- Schedule daily or weekly backups.
- Monitor backups via the dashboard and initiate restores when needed.
Now let’s figure out the advantages:
| Besonderheit | Rsync/Restic | SimpleBackups |
| Automatisierung | Manual/Cron/Script | Built-in dashboard |
| Encryption | Restic only | Managed (depends on settings) |
| Cross-platform | Restic | Ja |
| Ease of use | Moderate | Hoch |
Restoring Data from Hetzner Backups
Restoration is a critical component of any backup plan. Hetzner provides flexible restoration options depending on the method used.
Rsync restoration:
rsync -avh –progress -e ‚ssh -p 23‘ [email protected]:backups /home/user/restored_data
Restic restoration:
restic -r sftp:storagebox:/restic restore latest –target /home/user/restored
SimpleBackups restoration:
- Initiate restores from the dashboard; choose file, Datenbank, or full server restore.
Always test your restoration process regularly to ensure backups are valid and complete.
Troubleshooting Common Issues
Even with a well-structured Hetzner backup strategy, operational issues can still occur during data transfers, repository initialisation, or automated tasks. These problems are typically caused by misconfigurations, authentication failures, network limits, or incorrect file paths. Below are the most common issues and the recommended methods for resolving them to ensure stable and consistent backup operations.
- Connection refused
This issue usually indicates that the Storage Box cannot be reached via SSH or SFTP. Always verify that port 23 is open, SSH access is enabled in the Storage Box settings, and local firewall rules on the VPS are not blocking the outbound connection. - Permission denied
Authentication failures occur when the username, password, or SSH key is incorrect. Confirm that your credentials match the ones provided in the Hetzner panel, regenerate the password if needed, and ensure your SSH key is properly registered. When using sub-accounts, validate that their assigned directories align with your backup paths.
- Langsame Transfers
Performance bottlenecks may arise due to limited bandwidth, high server load, or large datasets. To maintain stability, you can throttle transfer speeds using –bwlimit=1000 for rsync or –limit-upload 1000 for Restic. This prevents connection drops and improves overall reliability during long backup sessions. - Path errors
Incorrect file paths are a common source of failed backups. Make sure that the storage destination, sub-account endpoint, and directory structure are correctly defined. Restic and rsync both require precise path references, and even minor mistakes can cause the repository or backup job to fail. - Connection limits exceeded
Hetzner imposes limits on concurrent connections to a Storage Box or sub-account. Running multiple rsync or Restic jobs simultaneously may trigger this restriction. The best approach is to reduce parallel transfers and stagger automated tasks to avoid saturating the connection limit.
Best Practices for Reliable Hetzner Backup
Implementing a reliable Hetzner backup plan goes beyond choosing the right tools. It requires consistent application of best practices. The following recommendations ensure your backups are secure, effizient, and resilient:
- Use SSH keys for security: Avoid passwords to minimise potential attack vectors and protect sensitive data.
- Encrypt sensitive data: Especially when using rsync, encryption ensures that even if files are intercepted, they remain unreadable.
- Regularly monitor backups: Verify snapshots, check backup integrity, and ensure automated processes run correctly.
- Segment backups: Use sub-accounts to separate backups for different devices, Anwendungen, or purposes. This improves organisation and reduces the risk of cross-contamination.
- Automate schedules: Maintain daily incremental backups for active data, weekly full backups for comprehensive coverage, and monthly backups for long-term storage.
Following these practices helps maintain security, Zuverlässigkeit, and peace of mind, ensuring that data can be recovered quickly in any emergency.
Final Recommendations for a Reliable Hetzner Backup Strategy
Implementing a reliable Hetzner backup plan requires careful attention to security, Automatisierung, und Überwachung. First and foremost, using SSH keys instead of passwords ensures secure access to your storage, significantly reducing potential attack vectors.
Regular monitoring of your backups is essential. This includes verifying snapshots, checking backup integrity, and ensuring that automated processes are running as scheduled. Segmenting backups by using sub-accounts for different devices or specific purposes provides better organisation and isolates potential risks, making management more straightforward.
By following these practices, your Hetzner backup strategy will be secure, effizient, and resilient, ensuring data availability and peace of mind.
Häufig gestellte Fragen (FAQ)
How do I choose Hetzner backup?
Rsync is ideal for simple Linux/macOS file synchronisation, Restic provides encrypted and deduplicated backups across platforms, and SimpleBackups offers fully automated, cloud-based backup management.
Can I use Hetzner Object Storage with Windows?
Ja, Restic supports Windows, enabling encrypted S3-compatible backups to Hetzner Object Storage.
How often should I run backups on Hetzner VPS?
Daily incremental backups for active data, weekly full backups, and monthly retention for long-term safety are recommended.
Are Hetzner backups secure?
When configured with SSH keys and encryption (Restic), backups are fully secure against unauthorised access.