AWS S3 Setup for hTech OS Backup Module
This article shows how to create an AWS account, create an S3 bucket, create IAM credentials for the hTech OS Backup module, test the connection, and troubleshoot common issues.
1) Prerequisites
- An AWS account with access to the AWS Console
- WHMCS Admin access to configure the hTech OS Backup module
- Outbound HTTPS access from your WHMCS server to AWS endpoints (TCP 443)
2) Create an AWS Account (If You Don’t Already Have One)
- Create an AWS account and complete identity verification and billing.
- Enable MFA on the AWS root account (recommended).
Security note: Do not use the AWS root account credentials for applications. Always create an IAM user with least-privilege access for the module.
3) Create an S3 Bucket
- Open AWS Console and go to S3.
- Click Create bucket.
- Set:
- Bucket name: globally unique (example:
whmcs-backups-yourcompany) - AWS Region: choose your region (example:
us-east-2)
- Bucket name: globally unique (example:
- Leave Block all public access enabled (recommended).
- Click Create bucket.
Recommended Bucket Settings
- Default encryption: enable (SSE-S3 is simplest)
- Versioning (optional): enable if you want rollback protection
- Lifecycle rules (optional): transition or delete older backups automatically
4) Create an IAM Policy (Least Privilege)
- Open AWS Console and go to IAM then Policies.
- Click Create policy and choose the JSON tab.
- Paste the policy below and replace
YOUR_BUCKET_NAMEwith your bucket name.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ListBucket",
"Effect": "Allow",
"Action": ["s3:ListBucket"],
"Resource": "arn:aws:s3:::YOUR_BUCKET_NAME"
},
{
"Sid": "ObjectRW",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:AbortMultipartUpload",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts"
],
"Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*"
}
]
}
- Name the policy:
htech-os-backup-s3-policy - Create the policy.
5) Create IAM User and Access Keys
- Go to IAM then Users and click Create user.
- User name:
htech-os-backup - Attach the policy:
htech-os-backup-s3-policy - Create the user.
- Open the user, go to Security credentials, and create an Access key for an application running outside AWS.
- Save the Access key ID and Secret access key (secret is shown once).
Do not share or log the secret key. If it is exposed, deactivate it and create a new one immediately.
6) Configure hTech OS Backup Module
- In WHMCS Admin, open the hTech OS Backup module settings page.
- Enter:
- Bucket
- Region (example:
us-east-2) - Access Key
- Secret Key
- Prefix (recommended):
whmcs-backups/
- For AWS S3:
- Endpoint: leave blank
- Use path-style endpoint: false
- Multipart (recommended for large backups):
- Multipart threshold: 100 MB
- Part size: 10 to 25 MB
- Save settings.
7) Test and Verify Upload
- Use the module’s Test Connection/System Health feature if available.
- Run a manual backup job.
- Verify in AWS S3 that the backup file appears under your configured prefix.
8) Troubleshooting
AccessDenied
- Confirm the IAM user has the correct policy attached.
- Confirm the bucket name in the policy matches exactly.
NoSuchBucket
- Confirm the bucket name is correct and exists in the same AWS account as the IAM user.
PermanentRedirect / Wrong Region
- Check the bucket region in S3 bucket Properties.
- Update the module region to match.
cURL / TLS Connection Errors
- Confirm outbound HTTPS (443) is allowed.
- Confirm PHP extensions: curl and openssl are enabled.
- Update server CA certificates if TLS verification fails.
Large Upload Failures
- Enable multipart uploads.
- Increase memory_limit and max_execution_time if needed.
9) Support Checklist
- WHMCS version
- PHP version
- Module version
- AWS bucket name and region (safe to share)
- The exact error message (do not include secrets)