{"id":3713,"date":"2025-12-30T13:00:36","date_gmt":"2025-12-30T10:00:36","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/ransomwarea-dayanikli-hosting-yedekleme-stratejisi-3-2-1-kurali-immutable-backup-ve-air-gap\/"},"modified":"2025-12-30T13:00:36","modified_gmt":"2025-12-30T10:00:36","slug":"ransomwarea-dayanikli-hosting-yedekleme-stratejisi-3-2-1-kurali-immutable-backup-ve-air-gap","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/ransomwarea-dayanikli-hosting-yedekleme-stratejisi-3-2-1-kurali-immutable-backup-ve-air-gap\/","title":{"rendered":"Ransomware\u2019a Dayan\u0131kl\u0131 Hosting Yedekleme Stratejisi: 3\u20112\u20111 Kural\u0131, Immutable Backup ve Air\u2011Gap"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><p>Bug\u00fcn bir sunucu g\u00fcvenlik denetimi yaparken ilk sordu\u011fumuz sorulardan biri \u015fu: \u201cRansomware senaryosunda, ger\u00e7ekten geri d\u00f6nebilece\u011finiz, dokunulmam\u0131\u015f ka\u00e7 kopyan\u0131z var?\u201d \u00c7o\u011fu zaman al\u0131nan g\u00fcnl\u00fck yedekler, ayn\u0131 sunucuda tutulan snapshot\u2019lar veya tek bir uzak depolama alan\u0131, ilk bak\u0131\u015fta g\u00fcven verici g\u00f6r\u00fcn\u00fcyor. Ancak fidye yaz\u0131l\u0131mlar\u0131n\u0131n art\u0131k do\u011frudan yedeklere sald\u0131rd\u0131\u011f\u0131n\u0131, yedek depolama kimlik bilgilerini hedefledi\u011fini ve a\u011fdaki her eri\u015filebilir kopyay\u0131 tek tek \u015fifreledi\u011fini g\u00f6rd\u00fc\u011f\u00fcn\u00fczde resim tamamen de\u011fi\u015fiyor. <\/p>\n<p>Bu yaz\u0131da, hosting ortam\u0131nda ger\u00e7ekten <strong>ransomware\u2019a dayan\u0131kl\u0131<\/strong> bir yedekleme mimarisi kurmak i\u00e7in \u00fc\u00e7 temel ta\u015f\u0131 birlikte ele alaca\u011f\u0131z: <strong>3\u20112\u20111 yedekleme kural\u0131<\/strong>, <strong>immutable (de\u011fi\u015ftirilemez) yedekler<\/strong> ve <strong>air\u2011gap (fiziksel\/mant\u0131ksal yal\u0131t\u0131lm\u0131\u015f) yedekleme<\/strong>. Odak noktam\u0131z, <a href=\"https:\/\/www.dchost.com\/tr\/web-hosting\">payla\u015f\u0131ml\u0131 hosting<\/a>, <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a> ve <a href=\"https:\/\/www.dchost.com\/tr\/fiziksel-sunucu\">dedicated sunucu<\/a>lar\u0131n\u0131z\u0131 DCHost altyap\u0131s\u0131nda \u00e7al\u0131\u015ft\u0131r\u0131rken uygulayabilece\u011finiz <strong>pratik, test edilebilir ve s\u00fcrd\u00fcr\u00fclebilir<\/strong> bir strateji kurmak olacak. Teknik terimleri m\u00fcmk\u00fcn oldu\u011funca sadele\u015ftirerek, ger\u00e7ek d\u00fcnya senaryolar\u0131ndan \u00f6rneklerle ilerleyece\u011fiz.<\/p>\n<div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Ransomware_Tehdidi_Neden_Yedek_Stratejisini_Bastan_Yazdirdi\"><span class=\"toc_number toc_depth_1\">1<\/span> Ransomware Tehdidi Neden Yedek Stratejisini Ba\u015ftan Yazd\u0131rd\u0131?<\/a><\/li><li><a href=\"#321_Yedekleme_Kurali_Ransomware_Direncinin_Temeli\"><span class=\"toc_number toc_depth_1\">2<\/span> 3\u20112\u20111 Yedekleme Kural\u0131: Ransomware Direncinin Temeli<\/a><ul><li><a href=\"#321_Kuralini_Ransomwaree_Karsi_Guclendirmek\"><span class=\"toc_number toc_depth_2\">2.1<\/span> 3\u20112\u20111 Kural\u0131n\u0131 Ransomware\u2019e Kar\u015f\u0131 G\u00fc\u00e7lendirmek<\/a><\/li><\/ul><\/li><li><a href=\"#Immutable_Backup_Nedir_Ransomwaree_Karsi_Neden_Kritik\"><span class=\"toc_number toc_depth_1\">3<\/span> Immutable Backup Nedir, Ransomware\u2019e Kar\u015f\u0131 Neden Kritik?<\/a><ul><li><a href=\"#S3_Object_Lock_ve_WORM_Mantigi\"><span class=\"toc_number toc_depth_2\">3.1<\/span> S3 Object Lock ve WORM Mant\u0131\u011f\u0131<\/a><\/li><li><a href=\"#Immutable_Yedekleri_Hosting_Is_Yuklerine_Nasil_Uygulariz\"><span class=\"toc_number toc_depth_2\">3.2<\/span> Immutable Yedekleri Hosting \u0130\u015f Y\u00fcklerine Nas\u0131l Uygular\u0131z?<\/a><\/li><\/ul><\/li><li><a href=\"#AirGap_Yedekleme_Agdan_Kopuk_Son_Kale\"><span class=\"toc_number toc_depth_1\">4<\/span> Air\u2011Gap Yedekleme: A\u011fdan Kopuk Son Kale<\/a><ul><li><a href=\"#Hosting_Ortaminda_Pratik_AirGap_Senaryolari\"><span class=\"toc_number toc_depth_2\">4.1<\/span> Hosting Ortam\u0131nda Pratik Air\u2011Gap Senaryolar\u0131<\/a><\/li><li><a href=\"#AirGap_ile_Immutable_Backupi_Birlestirmek\"><span class=\"toc_number toc_depth_2\">4.2<\/span> Air\u2011Gap ile Immutable Backup\u2019\u0131 Birle\u015ftirmek<\/a><\/li><\/ul><\/li><li><a href=\"#DCHost_Uzerinde_Ransomwarea_Dayanikli_Ornek_Mimari\"><span class=\"toc_number toc_depth_1\">5<\/span> DCHost \u00dczerinde Ransomware\u2019a Dayan\u0131kl\u0131 \u00d6rnek Mimari<\/a><ul><li><a href=\"#1_Katman_UygulamaTutarli_Gunluk_Yedekler\"><span class=\"toc_number toc_depth_2\">5.1<\/span> 1. Katman: Uygulama\u2011Tutarl\u0131 G\u00fcnl\u00fck Yedekler<\/a><\/li><li><a href=\"#2_Katman_S3_Uyumlu_Immutable_Uzak_Yedekler\"><span class=\"toc_number toc_depth_2\">5.2<\/span> 2. Katman: S3 Uyumlu Immutable Uzak Yedekler<\/a><\/li><li><a href=\"#3_Katman_AirGap_Arsiv_Yedekler\"><span class=\"toc_number toc_depth_2\">5.3<\/span> 3. Katman: Air\u2011Gap Ar\u015fiv Yedekler<\/a><\/li><\/ul><\/li><li><a href=\"#RPO_RTO_ve_Geri_Donus_Testleri_Gercekci_Hedefler_Koymak\"><span class=\"toc_number toc_depth_1\">6<\/span> RPO, RTO ve Geri D\u00f6n\u00fc\u015f Testleri: Ger\u00e7ek\u00e7i Hedefler Koymak<\/a><ul><li><a href=\"#Geri_Donus_Provalari_ve_Runbook\"><span class=\"toc_number toc_depth_2\">6.1<\/span> Geri D\u00f6n\u00fc\u015f Provalar\u0131 ve Runbook<\/a><\/li><\/ul><\/li><li><a href=\"#Sik_Yapilan_Hatalar_ve_Kendinize_Soracaginiz_10_Soru\"><span class=\"toc_number toc_depth_1\">7<\/span> S\u0131k Yap\u0131lan Hatalar ve Kendinize Soraca\u011f\u0131n\u0131z 10 Soru<\/a><ul><li><a href=\"#Yaygin_Hatalar\"><span class=\"toc_number toc_depth_2\">7.1<\/span> Yayg\u0131n Hatalar<\/a><\/li><li><a href=\"#Kendinize_Soracaginiz_10_Soru\"><span class=\"toc_number toc_depth_2\">7.2<\/span> Kendinize Soraca\u011f\u0131n\u0131z 10 Soru<\/a><\/li><\/ul><\/li><li><a href=\"#Sonuc_Ransomwarea_Dayanikli_Yedek_Sadece_Bir_Ayar_Degil_Bir_Mimari_Karari\"><span class=\"toc_number toc_depth_1\">8<\/span> Sonu\u00e7: Ransomware\u2019a Dayan\u0131kl\u0131 Yedek, Sadece Bir Ayar De\u011fil Bir Mimari Karar\u0131<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Ransomware_Tehdidi_Neden_Yedek_Stratejisini_Bastan_Yazdirdi\">Ransomware Tehdidi Neden Yedek Stratejisini Ba\u015ftan Yazd\u0131rd\u0131?<\/span><\/h2>\n<p>Ransomware sald\u0131r\u0131lar\u0131 art\u0131k yaln\u0131zca dosyalar\u0131n\u0131z\u0131 \u015fifreleyip fidye isteyen \u201cklasik\u201d zararl\u0131 yaz\u0131l\u0131mlardan ibaret de\u011fil. Modern sald\u0131r\u0131 senaryolar\u0131nda, sald\u0131rganlar \u00f6nce eri\u015fim haklar\u0131n\u0131 geni\u015fletiyor, y\u00f6netici hesaplar\u0131n\u0131 ele ge\u00e7iriyor, ard\u0131ndan da <strong>yedek altyap\u0131s\u0131n\u0131 sistematik bi\u00e7imde devre d\u0131\u015f\u0131 b\u0131rakmaya<\/strong> \u00e7al\u0131\u015f\u0131yor.<\/p>\n<p>Son y\u0131llarda g\u00f6rd\u00fc\u011f\u00fcm\u00fcz baz\u0131 ortak desenler:<\/p>\n<ul>\n<li>cPanel veya panel d\u0131\u015f\u0131 cron ile al\u0131nan yedeklerin, ayn\u0131 sunucudaki ba\u015fka bir dizinde tutulmas\u0131 ve ransomware taraf\u0131ndan beraberce \u015fifrelenmesi.<\/li>\n<li>VPS\/dedicated sunucular\u0131n snapshot\u2019lar\u0131n\u0131n, ayn\u0131 hypervisor veya ayn\u0131 depo havuzunda tutulup topluca eri\u015filemez hale gelmesi.<\/li>\n<li>Yedekler i\u00e7in kullan\u0131lan S3 uyumlu depolama eri\u015fim anahtarlar\u0131n\u0131n (access key\/secret) ele ge\u00e7irilip, sald\u0131rgan taraf\u0131ndan mevcut t\u00fcm yedek versiyonlar\u0131n\u0131n da silinmesi.<\/li>\n<\/ul>\n<p>Bu tablo bize iki kritik dersi hat\u0131rlat\u0131yor:<\/p>\n<ul>\n<li><strong>Tek noktaya g\u00fcvenen yedek yoktur.<\/strong> Bir kopya asla yedek say\u0131lmaz.<\/li>\n<li><strong>Eri\u015filebilen her \u015fey \u015fifrelenebilir veya silinebilir.<\/strong> Yani yedekleriniz sald\u0131rgan\u0131n yetki seviyesinden ba\u011f\u0131ms\u0131z, ek g\u00fcvenlik katmanlar\u0131yla korunmal\u0131d\u0131r.<\/li>\n<\/ul>\n<p>DCHost\u2019ta altyap\u0131 tasarlarken, yedek mimarisini art\u0131k \u201cdisk ar\u0131zas\u0131\u201d senaryosundan \u00e7ok, \u201cyetkisi geni\u015flemi\u015f sald\u0131rgan\u201d senaryosuna g\u00f6re kurguluyoruz. \u0130\u015fte burada 3\u20112\u20111 kural\u0131, immutable backup ve air\u2011gap yakla\u015f\u0131m\u0131 devreye giriyor.<\/p>\n<h2><span id=\"321_Yedekleme_Kurali_Ransomware_Direncinin_Temeli\">3\u20112\u20111 Yedekleme Kural\u0131: Ransomware Direncinin Temeli<\/span><\/h2>\n<p>3\u20112\u20111 kural\u0131, modern yedekleme d\u00fcnyas\u0131nda h\u00e2l\u00e2 en sa\u011flam iskeletlerden biri:<\/p>\n<ul>\n<li><strong>3 kopya<\/strong> veri (1 \u00fcretim + 2 yedek)<\/li>\n<li><strong>2 farkl\u0131 ortam<\/strong> (farkl\u0131 disk t\u00fcr\u00fc, farkl\u0131 depolama sistemi, farkl\u0131 dosya format\u0131 vb.)<\/li>\n<li><strong>1 kopya mutlaka offsite<\/strong> (farkl\u0131 veri merkezinde veya en az\u0131ndan farkl\u0131 fiziksel\/lojik altyap\u0131da)<\/li>\n<\/ul>\n<p>Bu yakla\u015f\u0131m\u0131 hosting d\u00fcnyas\u0131na uyarlad\u0131\u011f\u0131m\u0131zda, pratik bir \u00f6rnek \u015f\u00f6yle g\u00f6r\u00fcnebilir:<\/p>\n<ul>\n<li><strong>1. Kopya (\u00dcretim):<\/strong> Web siteniz ve veritaban\u0131n\u0131z\u0131n \u00e7al\u0131\u015ft\u0131\u011f\u0131 DCHost sunucusu.<\/li>\n<li><strong>2. Kopya (Yerel Yedek):<\/strong> Ayn\u0131 veri merkezinde ama farkl\u0131 disk havuzunda tutulan g\u00fcnl\u00fck snapshot veya panel yedekleri.<\/li>\n<li><strong>3. Kopya (Uzak Yedek):<\/strong> Farkl\u0131 veri merkezinde bar\u0131nd\u0131r\u0131lan S3 uyumlu object storage \u00fczerinde \u015fifrelenmi\u015f ve versiyonlu yedekler.<\/li>\n<\/ul>\n<p>3\u20112\u20111 kural\u0131n\u0131 hosting taraf\u0131nda nas\u0131l uygulayabilece\u011finizi, <a href=\"https:\/\/www.dchost.com\/blog\/3-2-1-yedekleme-stratejisi-neden-ise-yariyor-cpanel-plesk-ve-vpste-otomatik-yedekleri-nasil-kurarsin\/\">3\u20112\u20111 yedekleme stratejisi neden i\u015fe yar\u0131yor ve cPanel\/plesk\/VPS\u2019te otomatik yedekleri nas\u0131l kurars\u0131n\u0131z<\/a> yaz\u0131m\u0131zda detayl\u0131 anlatt\u0131k. Bu yaz\u0131da ise ayn\u0131 prensibi <strong>ransomware\u2019e \u00f6zel sertle\u015ftirme<\/strong> katmanlar\u0131yla birle\u015ftirece\u011fiz.<\/p>\n<h3><span id=\"321_Kuralini_Ransomwaree_Karsi_Guclendirmek\">3\u20112\u20111 Kural\u0131n\u0131 Ransomware\u2019e Kar\u015f\u0131 G\u00fc\u00e7lendirmek<\/span><\/h3>\n<p>Temel 3\u20112\u20111 \u00e7o\u011fu donan\u0131m ar\u0131zas\u0131 ve insan hatas\u0131 senaryosunda i\u015fe yarar. Ancak ransomware i\u00e7in birka\u00e7 ek \u015fart gerekiyor:<\/p>\n<ul>\n<li><strong>Kimlik bilgisi ayr\u0131m\u0131:<\/strong> \u00dcretim sunucusunun sahip oldu\u011fu eri\u015fim anahtarlar\u0131, t\u00fcm yedeklere tam yetkili olmamal\u0131. En k\u00f6t\u00fc ihtimalde yaln\u0131zca \u201cyeni yedek yazma\u201d yetkisi olmal\u0131.<\/li>\n<li><strong>S\u00fcr\u00fcmleme (versioning):<\/strong> Uzak depoda silinen veya \u00fczerine yaz\u0131lan yedeklerin \u00f6nceki versiyonlar\u0131na geriye d\u00f6n\u00fck eri\u015fim sa\u011flanmal\u0131.<\/li>\n<li><strong>Silme i\u015flemlerine ek fren:<\/strong> \u201cT\u00fcm klas\u00f6r\u00fc bo\u015falt\u201d komutu tek ad\u0131mda geri d\u00f6n\u00fclemez sonu\u00e7 \u00fcretmemeli; immutable\/retention politikalar\u0131 ile frenlenmeli.<\/li>\n<\/ul>\n<p>Bu gereksinimler bizi bir sonraki ad\u0131ma, yani immutable backup kavram\u0131na g\u00f6t\u00fcr\u00fcyor.<\/p>\n<h2><span id=\"Immutable_Backup_Nedir_Ransomwaree_Karsi_Neden_Kritik\">Immutable Backup Nedir, Ransomware\u2019e Kar\u015f\u0131 Neden Kritik?<\/span><\/h2>\n<p><strong>Immutable backup<\/strong>, belirli bir s\u00fcre boyunca <strong>de\u011fi\u015ftirilemeyen, silinemeyen<\/strong> yedek kopyalar\u0131 ifade eder. Bir kez yaz\u0131ld\u0131ktan sonra, tan\u0131ml\u0131 \u201ctutma s\u00fcresi\u201d dolana kadar kimse (hatta tam yetkili bir y\u00f6netici bile) bu veriyi de\u011fi\u015ftiremez veya silemez.<\/p>\n<p>Bunu g\u00fcnl\u00fck hayattan bir metaforla d\u00fc\u015f\u00fcn\u00fcn: Bir kasaya belge koyuyorsunuz ve kasay\u0131 30 g\u00fcnl\u00fc\u011f\u00fcne zaman kilidine al\u0131yorsunuz. Anahtar sizde olsa bile, s\u00fcre dolmadan kasay\u0131 a\u00e7am\u0131yorsunuz. Immutable backup tam olarak bunu dijitalde yap\u0131yor.<\/p>\n<h3><span id=\"S3_Object_Lock_ve_WORM_Mantigi\">S3 Object Lock ve WORM Mant\u0131\u011f\u0131<\/span><\/h3>\n<p>Immutable yedekleri prati\u011fe d\u00f6kmek i\u00e7in en s\u0131k kullan\u0131lan y\u00f6ntemlerden biri, S3 uyumlu depolarda <strong>Object Lock<\/strong> veya <strong>WORM (Write Once, Read Many)<\/strong> \u00f6zelliklerini kullanmakt\u0131r. DCHost altyap\u0131s\u0131nda da yayg\u0131n olarak kulland\u0131\u011f\u0131m\u0131z bu yakla\u015f\u0131m\u0131, <a href=\"https:\/\/www.dchost.com\/blog\/s3-object-lock-ile-fidye-yazilima-karsi-kale-gibi-yedek-versioning-mfa-delete-ve-geri-donus-testlerini-samimi-samimi-konusalim\/\">S3 Object Lock ile fidye yaz\u0131l\u0131ma kar\u015f\u0131 kale gibi yedek<\/a> rehberimizde ayr\u0131nt\u0131l\u0131 anlatt\u0131k.<\/p>\n<p>Temel mant\u0131k \u015fu ad\u0131mlarla kuruluyor:<\/p>\n<ol>\n<li>Yedekler, S3 uyumlu bir bucket i\u00e7ine yaz\u0131l\u0131yor.<\/li>\n<li>Bucket\u2019ta versioning (s\u00fcr\u00fcmleme) etkinle\u015ftiriliyor.<\/li>\n<li>Object Lock devreye al\u0131narak, her yedek nesnesine \u201c\u015fu tarihe kadar silinemez\/de\u011fi\u015ftirilemez\u201d bilgisi ekleniyor.<\/li>\n<li>Silme veya s\u00fcreyi k\u0131saltma denemeleri, politika taraf\u0131ndan reddediliyor.<\/li>\n<\/ol>\n<p>Bu sayede, \u00fcretim sunucusuna tam eri\u015fim sa\u011flanm\u0131\u015f ve yedekleme access key\u2019i ele ge\u00e7irilmi\u015f olsa bile, sald\u0131rgan yaln\u0131zca <strong>yeni k\u00f6t\u00fc yedekler yazabilir<\/strong>; ge\u00e7mi\u015fteki immutable kopyalar\u0131 <strong>fiziksel olarak silemez<\/strong>.<\/p>\n<h3><span id=\"Immutable_Yedekleri_Hosting_Is_Yuklerine_Nasil_Uygulariz\">Immutable Yedekleri Hosting \u0130\u015f Y\u00fcklerine Nas\u0131l Uygular\u0131z?<\/span><\/h3>\n<p>DCHost \u00fczerinde tipik bir senaryoyu ele alal\u0131m:<\/p>\n<ul>\n<li>Web sitesi: WordPress, Laravel veya \u00f6zel PHP uygulamas\u0131.<\/li>\n<li>Veritaban\u0131: MySQL\/MariaDB veya PostgreSQL.<\/li>\n<li>Sunucu tipi: Y\u00f6netilen veya y\u00f6netilmeyen VPS \/ dedicated.<\/li>\n<\/ul>\n<p>Bu senaryoda immutable yedekleme i\u00e7in a\u015fa\u011f\u0131daki ak\u0131\u015f olduk\u00e7a sa\u011flamd\u0131r:<\/p>\n<ol>\n<li>Uygulama ve veritaban\u0131 i\u00e7in <strong>uygulama\u2011tutarl\u0131 yedek<\/strong> al\u0131n (\u00f6rne\u011fin LVM snapshot + mysqldump ya da XtraBackup). Bu konuda <a href=\"https:\/\/www.dchost.com\/blog\/uygulama%e2%80%91tutarli-yedekler-nasil-alinir-lvm-snapshot-ve-fsfreeze-ile-mysql-postgresqli-usutmeden-dondurmak\/\">uygulama\u2011tutarl\u0131 yedekler ve LVM snapshot kullan\u0131m\u0131<\/a> rehberimize de g\u00f6z atabilirsiniz.<\/li>\n<li>Bu yedek \u00e7\u0131kt\u0131s\u0131n\u0131 (\u00f6rne\u011fin restic veya borg ile) s\u0131k\u0131\u015ft\u0131r\u0131p \u015fifreleyerek S3 uyumlu immutable bucket\u2019a g\u00f6nderin.<\/li>\n<li>Bucket \u00fczerinde Object Lock ve retention politikas\u0131 ile, \u00f6rne\u011fin 30 g\u00fcn boyunca \u201csilinemez\/de\u011fi\u015ftirilemez\u201d kural\u0131n\u0131 uygulay\u0131n.<\/li>\n<li>Yedekleme kimlik bilgilerinin yaln\u0131zca \u201cyazma\u201d ve \u201clisteleme\u201d hakk\u0131na sahip oldu\u011fundan, <strong>silme hakk\u0131 olmad\u0131\u011f\u0131ndan<\/strong> emin olun.<\/li>\n<\/ol>\n<p>restic ve borg gibi modern ara\u00e7larla S3 uyumlu uzak yedekleme kurulumunu, <a href=\"https:\/\/www.dchost.com\/blog\/restic-ve-borg-ile-s3-uyumlu-uzak-yedekleme-surumleme-sifreleme-ve-saklama-ne-zaman-nasil\/\">restic ve Borg ile S3 uyumlu uzak yedekleme<\/a> ba\u015fl\u0131kl\u0131 yaz\u0131m\u0131zda ad\u0131m ad\u0131m anlatt\u0131k. Immutable katman\u0131n\u0131 buradaki ak\u0131\u015fa ekledi\u011finizde, ransomware senaryolar\u0131na kar\u015f\u0131 \u00e7ok daha sa\u011flam bir yap\u0131 elde edersiniz.<\/p>\n<h2><span id=\"AirGap_Yedekleme_Agdan_Kopuk_Son_Kale\">Air\u2011Gap Yedekleme: A\u011fdan Kopuk Son Kale<\/span><\/h2>\n<p><strong>Air\u2011gap<\/strong>, kelime anlam\u0131yla \u201chava bo\u015flu\u011fu\u201d demek. Yedek d\u00fcnyas\u0131nda ise \u015fu anlama geliyor: <strong>Belirli bir yedek kopyas\u0131, normal a\u011f eri\u015fimiyle ula\u015f\u0131lamayacak kadar izole bir yerde tutuluyor.<\/strong><\/p>\n<p>Bu fiziksel olabilir (\u00f6rne\u011fin offline tape kasetler, harici diskler) veya mant\u0131ksal olabilir (eri\u015fim yaln\u0131zca belirli bir bak\u0131m zaman aral\u0131\u011f\u0131nda, k\u0131s\u0131tl\u0131 bir a\u011f t\u00fcneli ile a\u00e7\u0131l\u0131r). \u00d6nemli olan, sald\u0131r\u0131 an\u0131nda ransomware\u2019in yay\u0131labildi\u011fi a\u011f segmentlerinden <strong>tamamen kopuk<\/strong> olmas\u0131d\u0131r.<\/p>\n<h3><span id=\"Hosting_Ortaminda_Pratik_AirGap_Senaryolari\">Hosting Ortam\u0131nda Pratik Air\u2011Gap Senaryolar\u0131<\/span><\/h3>\n<p>Hosting taraf\u0131nda en s\u0131k kulland\u0131\u011f\u0131m\u0131z mant\u0131ksal air\u2011gap senaryolar\u0131ndan baz\u0131lar\u0131:<\/p>\n<ul>\n<li><strong>Ayr\u0131 yedek VPS\u2019i:<\/strong> \u00dcretim altyap\u0131s\u0131ndan farkl\u0131 bir DCHost veri merkezinde, yaln\u0131zca yedekleri toplamak i\u00e7in kullan\u0131lan, SSH anahtarlar\u0131 ve firewall kurallar\u0131yla s\u0131k\u0131 bi\u00e7imde izole edilmi\u015f bir VPS.<\/li>\n<li><strong>Zamanlanm\u0131\u015f k\u0131sa ba\u011flant\u0131 pencereleri:<\/strong> Yedek sunucusu normalde t\u00fcm \u00fcretim sunucular\u0131na kapal\u0131d\u0131r; yaln\u0131zca belirli cron zamanlar\u0131nda (\u00f6rne\u011fin gece 02:00\u201302:30 aras\u0131) firewall kural\u0131 ge\u00e7ici olarak a\u00e7\u0131l\u0131r, rsync\/restic ile yedekler \u00e7ekilir, ard\u0131ndan ba\u011flant\u0131 penceresi kapan\u0131r.<\/li>\n<li><strong>Ayr\u0131 y\u00f6netim kimlik bilgileri:<\/strong> Yedek sunucusuna eri\u015fen kullan\u0131c\u0131 hesaplar\u0131, \u00fcretim ortam\u0131na eri\u015fen hesaplardan tamamen farkl\u0131 tutulur; b\u00f6ylece tek bir kimlik bilgisinin ele ge\u00e7irilmesi t\u00fcm yap\u0131y\u0131 \u00e7\u00f6kertmez.<\/li>\n<\/ul>\n<p>Buna ek olarak, baz\u0131 kurumlar h\u00e2l\u00e2 belirli aral\u0131klarla <strong>fiziksel air\u2011gap<\/strong> de kullan\u0131yor: Kritik ayl\u0131k yedekler, \u015fifrelenmi\u015f ar\u015fiv olarak harici disk veya tape\u2019e al\u0131narak veri merkezinden fiziksel olarak \u00e7\u0131kar\u0131l\u0131yor. Bu yakla\u015f\u0131m maliyetli ve operasyonel zahmetli olsa da, baz\u0131 reg\u00fclasyonlu sekt\u00f6rlerde h\u00e2l\u00e2 alt\u0131n standart kabul ediliyor.<\/p>\n<h3><span id=\"AirGap_ile_Immutable_Backupi_Birlestirmek\">Air\u2011Gap ile Immutable Backup\u2019\u0131 Birle\u015ftirmek<\/span><\/h3>\n<p>En g\u00fc\u00e7l\u00fc mimarilerde immutable ve air\u2011gap genellikle birlikte kullan\u0131l\u0131r:<\/p>\n<ul>\n<li><strong>1. katman:<\/strong> Yerel snapshot\u2019lar (h\u0131zl\u0131 geri d\u00f6n\u00fc\u015f i\u00e7in, ransomware\u2019e kar\u015f\u0131 tek ba\u015f\u0131na yeterli de\u011fil).<\/li>\n<li><strong>2. katman:<\/strong> Uzak S3 uyumlu depoda immutable backup (Object Lock + versioning).<\/li>\n<li><strong>3. katman:<\/strong> Mant\u0131ksal veya fiziksel air\u2011gap ile d\u00f6nemsel (haftal\u0131k\/ayl\u0131k) tam ar\u015fiv kopyalar\u0131.<\/li>\n<\/ul>\n<p>B\u00f6ylece, en k\u00f6t\u00fc senaryoda bile (\u00f6rne\u011fin S3 eri\u015fim anahtarlar\u0131n\u0131n t\u00fcm\u00fc s\u0131zd\u0131r\u0131ld\u0131, \u00fcretim ortam\u0131 tamamen \u015fifrelendi), ayr\u0131 air\u2011gap katman\u0131ndaki kopyalar\u0131n\u0131z, son savunma hatt\u0131 olarak elinizde kal\u0131yor.<\/p>\n<h2><span id=\"DCHost_Uzerinde_Ransomwarea_Dayanikli_Ornek_Mimari\">DCHost \u00dczerinde Ransomware\u2019a Dayan\u0131kl\u0131 \u00d6rnek Mimari<\/span><\/h2>\n<p>\u015eimdi t\u00fcm par\u00e7alar\u0131 bir araya getirip, DCHost \u00fczerinde \u00e7al\u0131\u015fan tipik bir e\u2011ticaret sitesi veya SaaS uygulamas\u0131 i\u00e7in somut bir \u00f6rnek mimari kural\u0131m. Buradaki tasar\u0131m, kolayca \u00f6l\u00e7eklenebilir ve az say\u0131da bile\u015fenle uygulanabilir olmay\u0131 hedefliyor.<\/p>\n<h3><span id=\"1_Katman_UygulamaTutarli_Gunluk_Yedekler\">1. Katman: Uygulama\u2011Tutarl\u0131 G\u00fcnl\u00fck Yedekler<\/span><\/h3>\n<p>\u00d6nce \u00fcretim sunucunuzda, uygulama a\u00e7\u0131s\u0131ndan tutarl\u0131 yedek almay\u0131 hedefleyin:<\/p>\n<ul>\n<li>Veritaban\u0131 (MySQL\/MariaDB\/PostgreSQL) i\u00e7in g\u00fcnl\u00fck veya daha s\u0131k aral\u0131klarla <strong>tam veya art\u0131ml\u0131 yedek<\/strong> al\u0131n.<\/li>\n<li>Dosya sistemi i\u00e7in LVM snapshot veya rsync tabanl\u0131 bir \u00e7\u00f6z\u00fcmle <strong>kod, y\u00fcklenen dosyalar ve yap\u0131land\u0131rma<\/strong> kopyalan\u0131n.<\/li>\n<li>Bu i\u015flemleri cron\/systemd timer ile otomatikle\u015ftirin; manuel ad\u0131m b\u0131rakmamaya \u00e7al\u0131\u015f\u0131n.<\/li>\n<\/ul>\n<p>Bu a\u015famada dikkat edilmesi gereken nokta, yedeklerin <strong>ayn\u0131 diskte de\u011fil, ayr\u0131 bir disk havuzunda veya en az\u0131ndan ayr\u0131 partition\u2019da<\/strong> tutulmas\u0131d\u0131r. Ancak bu katman ransomware\u2019e kar\u015f\u0131 tek savunman\u0131z olmamal\u0131; buras\u0131 daha \u00e7ok \u201ch\u0131zl\u0131 geri d\u00f6n\u00fc\u015f\u201d katman\u0131.<\/p>\n<h3><span id=\"2_Katman_S3_Uyumlu_Immutable_Uzak_Yedekler\">2. Katman: S3 Uyumlu Immutable Uzak Yedekler<\/span><\/h3>\n<p>\u0130kinci katmanda, \u00fcretim sunucusundan ba\u011f\u0131ms\u0131z bir S3 uyumlu object storage kullan\u0131n:<\/p>\n<ul>\n<li>DCHost altyap\u0131n\u0131zdan eri\u015febilece\u011finiz S3 uyumlu bir bucket olu\u015fturun.<\/li>\n<li>Bucket\u2019ta versioning ve Object Lock\u2019u etkinle\u015ftirin.<\/li>\n<li>restic, borg veya benzeri bir ara\u00e7la uygulama + veritaban\u0131 yedeklerinizi bu bucketa g\u00f6nderin.<\/li>\n<li>Yedekleri <strong>\u00fcretimden ba\u011f\u0131ms\u0131z bir \u015fifreleme anahtar\u0131<\/strong> ile \u015fifreleyin (\u00f6rne\u011fin restic repository password).<\/li>\n<\/ul>\n<p>Yedek y\u00fckleyen kullan\u0131c\u0131 hesab\u0131na yaln\u0131zca <strong>put\/list<\/strong> yetkisi verip <strong>delete<\/strong> yetkisini kapatarak, sald\u0131rgan\u0131n eri\u015fse bile ge\u00e7mi\u015f immutable kopyalar\u0131 silmesini neredeyse imkans\u0131z hale getirebilirsiniz. Bu modelin detaylar\u0131n\u0131, hem <a href=\"https:\/\/www.dchost.com\/blog\/object-storagea-otomatik-yedek-alma-rclone-restic-ve-cron-ile-cpanel-vps-yedekleri\/\">object storage\u2019a otomatik yedek alma (rclone, restic ve cron ile cPanel\/VPS yedekleri)<\/a> hem de <a href=\"https:\/\/www.dchost.com\/blog\/restic-ve-borg-ile-s3-uyumlu-uzak-yedekleme-surumleme-sifreleme-ve-saklama-ne-zaman-nasil\/\">restic ve Borg ile S3 uyumlu uzak yedekleme<\/a> rehberlerimizde ayr\u0131nt\u0131l\u0131 bulabilirsiniz.<\/p>\n<h3><span id=\"3_Katman_AirGap_Arsiv_Yedekler\">3. Katman: Air\u2011Gap Ar\u015fiv Yedekler<\/span><\/h3>\n<p>\u00dc\u00e7\u00fcnc\u00fc katmanda, haftal\u0131k veya ayl\u0131k periyotlarla, t\u00fcm sistemi kapsayan air\u2011gap bir ar\u015fiv \u00fcretin:<\/p>\n<ul>\n<li>Belirli bir g\u00fcn\/saat se\u00e7in (\u00f6rne\u011fin her pazar 03:00).<\/li>\n<li>Yaln\u0131zca bu zaman aral\u0131\u011f\u0131nda aktif olan bir ba\u011flant\u0131 penceresiyle, ayr\u0131 bir DCHost VPS\u2019ine rsync\/restic ile tam ar\u015fiv yede\u011fi \u00e7ekin.<\/li>\n<li>Bu VPS\u2019i \u00fcretim a\u011f\u0131ndan firewall ile sert bi\u00e7imde yal\u0131t\u0131n; normal zamanda inbound ba\u011flant\u0131lar\u0131 tamamen kapal\u0131 tutun.<\/li>\n<li>Dilerseniz bu ar\u015fiv yedeklerini periyodik olarak \u015fifreli tar ar\u015fivi olarak indirip, kurum i\u00e7i NAS veya offline depolama \u00fczerinde ek bir katman daha olu\u015fturun.<\/li>\n<\/ul>\n<p>B\u00f6ylece, \u00fcretim ortam\u0131n\u0131z tamamen ele ge\u00e7irilmi\u015f ve S3 eri\u015fim anahtarlar\u0131n\u0131z \u00e7al\u0131nm\u0131\u015f olsa bile, sald\u0131rgan\u0131n <strong>eri\u015femeyece\u011fi<\/strong> ekstra bir yedek katman\u0131n\u0131z olur.<\/p>\n<h2><span id=\"RPO_RTO_ve_Geri_Donus_Testleri_Gercekci_Hedefler_Koymak\">RPO, RTO ve Geri D\u00f6n\u00fc\u015f Testleri: Ger\u00e7ek\u00e7i Hedefler Koymak<\/span><\/h2>\n<p>Hi\u00e7bir yedek stratejisi, geri d\u00f6n\u00fc\u015f (restore) test edilmeden tamamlanm\u0131\u015f say\u0131lmaz. Ransomware senaryosunda as\u0131l \u00f6nemli olan, yaln\u0131zca \u201cyedek var m\u0131?\u201d sorusu de\u011fil; ayn\u0131 zamanda \u015fu iki sorunun cevab\u0131d\u0131r:<\/p>\n<ul>\n<li><strong>RPO (Recovery Point Objective):<\/strong> En fazla ne kadar veri kayb\u0131n\u0131 kabul edebilirim? 1 saat, 4 saat, 24 saat?<\/li>\n<li><strong>RTO (Recovery Time Objective):<\/strong> Sistemlerimi ne kadar s\u00fcrede tekrar aya\u011fa kald\u0131rmam gerekiyor? 1 saat, 4 saat, 1 g\u00fcn?<\/li>\n<\/ul>\n<p>Bu iki hedefi netle\u015ftirmeden yedek stratejisi tasarlamak, mimari tasar\u0131m s\u00fcrecinde bo\u015f bir kutu b\u0131rakmakt\u0131r. RPO\/RTO kavramlar\u0131n\u0131 detayl\u0131ca anlatt\u0131\u011f\u0131m\u0131z <a href=\"https:\/\/www.dchost.com\/blog\/yedekleme-stratejisi-nasil-planlanir-blog-e-ticaret-ve-saas-siteleri-icin-rpo-rto-rehberi\/\">yedekleme stratejisi ve RPO\/RTO rehberimiz<\/a> bu noktada i\u015fin stratejik taraf\u0131n\u0131 tamamlar.<\/p>\n<h3><span id=\"Geri_Donus_Provalari_ve_Runbook\">Geri D\u00f6n\u00fc\u015f Provalar\u0131 ve Runbook<\/span><\/h3>\n<p>DCHost \u00fczerinde pek \u00e7ok m\u00fc\u015fterimizle birlikte \u015funu g\u00f6rd\u00fck: Yedek var ama 1 y\u0131l boyunca hi\u00e7 restore denenmemi\u015f. B\u00f6yle bir ortamda, ger\u00e7ek bir fidye sald\u0131r\u0131s\u0131nda risk almak istemezsiniz. Bu y\u00fczden:<\/p>\n<ul>\n<li>Her 1\u20133 ayda bir, rastgele se\u00e7ilen bir yede\u011fi <strong>ayr\u0131 bir test sunucusuna<\/strong> geri y\u00fckleyin.<\/li>\n<li>Veritaban\u0131 b\u00fct\u00fcnl\u00fc\u011f\u00fcn\u00fc, uygulaman\u0131n aya\u011fa kalkmas\u0131n\u0131 ve kritik i\u015flevleri (sepet, \u00f6deme, login vb.) test edin.<\/li>\n<li>Bu s\u00fcreci ad\u0131m ad\u0131m anlatan bir <strong>runbook<\/strong> (yaz\u0131l\u0131 prosed\u00fcr) olu\u015fturun.<\/li>\n<\/ul>\n<p>Felaket senaryolar\u0131n\u0131 \u00f6nceden prova etmek i\u00e7in haz\u0131rlad\u0131\u011f\u0131m\u0131z <a href=\"https:\/\/www.dchost.com\/blog\/felaket-kurtarma-plani-nasil-yazilir-rto-rpoyu-kafada-netlestirip-yedek-testleri-ve-runbooklari-gercekten-calisir-hale-getirmek\/\">felaket kurtarma plan\u0131 nas\u0131l yaz\u0131l\u0131r<\/a> rehberi, bu runbook\u2019u haz\u0131rlarken iyi bir tamamlay\u0131c\u0131 olacakt\u0131r.<\/p>\n<h2><span id=\"Sik_Yapilan_Hatalar_ve_Kendinize_Soracaginiz_10_Soru\">S\u0131k Yap\u0131lan Hatalar ve Kendinize Soraca\u011f\u0131n\u0131z 10 Soru<\/span><\/h2>\n<p>Ransomware\u2019a dayan\u0131kl\u0131 yedek mimarisi kurarken en \u00e7ok g\u00f6rd\u00fc\u011f\u00fcm\u00fcz hatalar\u0131 ve kendinize sorabilece\u011finiz kontrol sorular\u0131n\u0131 \u00f6zetleyelim.<\/p>\n<h3><span id=\"Yaygin_Hatalar\">Yayg\u0131n Hatalar<\/span><\/h3>\n<ul>\n<li><strong>T\u00fcm yedeklerin ayn\u0131 sunucuda tutulmas\u0131:<\/strong> Disk ar\u0131zas\u0131 ve ransomware i\u00e7in tek seferde kay\u0131p anlam\u0131na gelir.<\/li>\n<li><strong>Tek yedek hedefi kullanmak:<\/strong> Sadece RAID, sadece snapshot veya sadece tek bir object storage yetersizdir.<\/li>\n<li><strong>Silme yetkisi olan access key\u2019ler:<\/strong> \u00dcretim sunucusundan kullan\u0131lan anahtarlar\u0131n, immutable katman\u0131 bile devre d\u0131\u015f\u0131 b\u0131rakabilecek kadar geni\u015f yetkili olmas\u0131.<\/li>\n<li><strong>\u015eifrelenmemi\u015f uzak yedekler:<\/strong> Object storage s\u0131z\u0131nt\u0131s\u0131nda m\u00fc\u015fterilerinizin ham verisinin a\u00e7\u0131\u011fa \u00e7\u0131kmas\u0131.<\/li>\n<li><strong>Hi\u00e7 restore testi yapmamak:<\/strong> Yedeklerin yaln\u0131zca \u201cvar\u201d oldu\u011funu bilmek, geri d\u00f6n\u00fc\u015f s\u00fcresini ve ba\u015far\u0131s\u0131n\u0131 garanti etmez.<\/li>\n<\/ul>\n<h3><span id=\"Kendinize_Soracaginiz_10_Soru\">Kendinize Soraca\u011f\u0131n\u0131z 10 Soru<\/span><\/h3>\n<ol>\n<li>\u015eu an \u00fcretimde \u00e7al\u0131\u015fan verilerimin en g\u00fcncel <strong>3 ba\u011f\u0131ms\u0131z kopyas\u0131<\/strong> ger\u00e7ekten var m\u0131?<\/li>\n<li>Bu kopyalardan en az 1 tanesi, farkl\u0131 bir DCHost veri merkezinde veya tamamen farkl\u0131 bir altyap\u0131da m\u0131?<\/li>\n<li>S3 uyumlu yedeklerimde versioning ve Object Lock etkin mi, yoksa tek s\u00fcr\u00fcm m\u00fc tutuyorum?<\/li>\n<li>\u00dcretim sunucusundan eri\u015filen access key, yedekleri <strong>silme yetkisine<\/strong> sahip mi?<\/li>\n<li>Yedeklerim <strong>\u015fifreli<\/strong> mi? \u015eifreleme anahtarlar\u0131 nerede, nas\u0131l yedeklenmi\u015f durumda?<\/li>\n<li>Son 6 ay i\u00e7inde en az 1 kez, rastgele bir tarihteki yede\u011fi a\u00e7\u0131p test restore yapt\u0131m m\u0131?<\/li>\n<li>RPO ve RTO hedeflerim yaz\u0131l\u0131 olarak tan\u0131ml\u0131 m\u0131, yoksa herkes kafas\u0131na g\u00f6re bir tahmin mi yap\u0131yor?<\/li>\n<li>Air\u2011gap bir katman\u0131m var m\u0131, yoksa t\u00fcm kopyalar s\u00fcrekli ayn\u0131 a\u011fdan eri\u015filebilir durumda m\u0131?<\/li>\n<li>Yedekleme g\u00f6revleri ba\u015far\u0131s\u0131z oldu\u011funda bana e\u2011posta veya alarm g\u00f6nderen bir izleme sistemim var m\u0131?<\/li>\n<li>Yedekleme politikam KVKK\/GDPR gibi reg\u00fclasyonlarla \u00e7eli\u015fmeyecek \u015fekilde <strong>saklama s\u00fcreleri<\/strong> ve <strong>silme prosed\u00fcrleri<\/strong> i\u00e7eriyor mu?<\/li>\n<\/ol>\n<h2><span id=\"Sonuc_Ransomwarea_Dayanikli_Yedek_Sadece_Bir_Ayar_Degil_Bir_Mimari_Karari\">Sonu\u00e7: Ransomware\u2019a Dayan\u0131kl\u0131 Yedek, Sadece Bir Ayar De\u011fil Bir Mimari Karar\u0131<\/span><\/h2>\n<p>Ransomware \u00e7a\u011f\u0131nda, \u201cyedek al\u0131yoruz, sorun yok\u201d demek maalesef yeterli de\u011fil. Art\u0131k yedekler de do\u011frudan hedefte ve sald\u0131rganlar, yedek altyap\u0131s\u0131n\u0131 devre d\u0131\u015f\u0131 b\u0131rakmadan fidye talep etmeyecek kadar tecr\u00fcbeli. Bu y\u00fczden <strong>3\u20112\u20111 kural\u0131<\/strong>, <strong>immutable backup<\/strong> ve <strong>air\u2011gap katmanlar\u0131<\/strong> bir araya geldi\u011finde ger\u00e7ek anlamda dayan\u0131kl\u0131 bir mimari elde ediyorsunuz.<\/p>\n<p>DCHost ekibi olarak, ister payla\u015f\u0131ml\u0131 hosting, ister VPS, ister dedicated veya colocation kullan\u0131n; yedek mimarinizi ger\u00e7ek\u00e7i RPO\/RTO hedefleriyle, KVKK\/GDPR y\u00fck\u00fcml\u00fcl\u00fckleriyle ve b\u00fct\u00e7e k\u0131s\u0131tlar\u0131yla birlikte ele almay\u0131 \u00f6neriyoruz. \u0130lk ad\u0131m olarak, mevcut ortam\u0131n\u0131zda yukar\u0131daki 10 soruya d\u00fcr\u00fcst\u00e7e cevap vermeniz bile nereden ba\u015flaman\u0131z gerekti\u011fini netle\u015ftirecektir.<\/p>\n<p>E\u011fer yedek stratejinizi yeniden tasarlamak, S3 uyumlu immutable yedekler kurmak veya air\u2011gap ar\u015fiv mimarisini DCHost altyap\u0131n\u0131zda hayata ge\u00e7irmek istiyorsan\u0131z, ekibimizle birlikte proje planlama toplant\u0131s\u0131 yaparak ayr\u0131nt\u0131l\u0131 bir yol haritas\u0131 \u00e7\u0131karabiliriz. B\u00f6ylece olas\u0131 bir ransomware sald\u0131r\u0131s\u0131 geldi\u011finde, panikle de\u011fil, daha \u00f6nce prova edilmi\u015f <strong>felaket kurtarma plan\u0131n\u0131zla<\/strong> ve sa\u011flam yedeklerinizle hareket edersiniz.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Bug\u00fcn bir sunucu g\u00fcvenlik denetimi yaparken ilk sordu\u011fumuz sorulardan biri \u015fu: \u201cRansomware senaryosunda, ger\u00e7ekten geri d\u00f6nebilece\u011finiz, dokunulmam\u0131\u015f ka\u00e7 kopyan\u0131z var?\u201d \u00c7o\u011fu zaman al\u0131nan g\u00fcnl\u00fck yedekler, ayn\u0131 sunucuda tutulan snapshot\u2019lar veya tek bir uzak depolama alan\u0131, ilk bak\u0131\u015fta g\u00fcven verici g\u00f6r\u00fcn\u00fcyor. Ancak fidye yaz\u0131l\u0131mlar\u0131n\u0131n art\u0131k do\u011frudan yedeklere sald\u0131rd\u0131\u011f\u0131n\u0131, yedek depolama kimlik bilgilerini hedefledi\u011fini ve a\u011fdaki her [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3714,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-3713","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3713","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=3713"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3713\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/3714"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=3713"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=3713"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=3713"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}