Offsite Backups
Offsite Backups is the paid add-on that lifts your backups off the host and stores them in HostAtlas’ Hetzner-hosted S3 bucket — end-to-end encrypted and gated by the same entropy check that powers ransomware detection.
Open it from the sidebar under Monitoring → Offsite Backups, or at /offsite-backups.
What you see
Section titled “What you see”The list shows every offsite backup that has completed uploading, newest first:
- Original filename — the file on the source host.
- Server — the host it came from.
- Size — after compression.
- Uploaded at — completion timestamp.
- Encryption — whether HostAtlas encrypted it, or the file was flagged pre-encrypted and uploaded as-is.
What you can do
Section titled “What you can do”- Restore — queue a restore of the archive back to the origin host. The agent downloads, decrypts, and drops the file into
/tmp/<original-filename>. From there you decide what to do with it. - Delete — remove the archive from S3 and from the list. Deletion is best-effort on the S3 side; if the S3 call fails the record is still removed.
How it works
Section titled “How it works”Offsite Backups extends the same agent-side backup path monitoring described on Backups. When a path is enrolled in offsite:
- The agent reads the newest backup file from the configured path.
- If the entropy check flags it as HIGH or CRITICAL suspicion — the ransomware signal — the upload is refused. You will not overwrite a healthy remote copy with an encrypted one.
- If the path is flagged as intentionally pre-encrypted (GPG, age, etc.), the file is uploaded as-is with no double encryption.
- Otherwise the file is encrypted client-side, streamed to Hetzner S3, and the metadata (name, size, timestamps, encryption mode) is stored in HostAtlas.
Keys are per-tenant and never leave the encryption boundary; HostAtlas cannot read your archives.
Restore
Section titled “Restore”The restore action drops the decrypted file back onto the origin host at /tmp/<original-filename>. It does not overwrite the original path — you inspect, verify, and place it yourself. This is deliberate: an automated restore into production is a good way to overwrite a working state.
Subscription
Section titled “Subscription”Offsite is billed per GB of stored data per month. Manage the subscription — turn it on, choose storage tier, cancel — from Settings → Offsite Backups.
Related
Section titled “Related”- Backups — the underlying file-level monitor. Offsite is one option per monitored path.
- Backup Runs — for hosts running the hostatlas-backup CLI, which can ship archives directly to any S3 destination including our offsite.
- Attack Mode — related security posture control.