In April 2013, I started a conversation on ways to make your WordPress website more secure. Since that time, I have received several clients whose sites had been hacked or where we found that people had tried to gain access.
This article is the first part of a more detailed WordPress Security series designed to help you secure your WordPress website. We’ll discover the best ways to keep your site secure including WordPress Security Plugins, and scanning and cleaning services. Please note that even if you don’t have a WordPress website, many of these tips apply to any website.
Backup Your WordPress Website
Backup, backup, backup! The lack of a backup system is the biggest securty hole I see in websites. Loss of data whether by hacking, failed hard drive, or other corruption is NOT a question of IF. It is a question of WHEN. You should have backups of your website and they should be set to automatically run as frequently as you update the site. So, if you blog weekly, then your backups should run each week. If you blog daily, they should run daily.
Backups should not be kept on the same server as your website. If the whole hard drive fails or is corrupted, having your files saved on that drive is akin to not having a backup at all.
Please note that we are referring to a backup of your website not your laptop or desktop computer. Your website resides on a web server, which is a computer out on the Internet. It does not reside on your personal computer, so having a service like JustCloud or Carbonite for your laptop does not protect your website.
Please don’t count on your web host to backup for you. While web hosts do create backups, you cannot control the frequency or the quality of the backup. If you are relying on your webhost, you may find yourself with a site that hasn’t been backed up in awhile.
When backing up a website that runs in a database driven, CMS (Content Management System), like WordPress you must also take care to backup properly. You must backup both the files and the database in order to have a complete backup. Note: This is an issue I have seen when a person depended on the webhosting service for a backup. The files were backed up, but the database was not.
Follow-up, after you have set your backups to run, you should check at least once a month to insure the quality of the backups. And that they are running as scheduled. This can usually be done in the log files
Fortunately, WordPress Backup Plugins, like Backup Buddy, Backup to Dropbox and Updraft Plus, make configuring an automated backup easy.
So why do you want to make sure you backup your website? You put hours and hard work into building a site that is successful for your business. What if it were gone tomorrow? Basically, your site and your data mean more to you than anyone else, so make sure you protect it appropriately.
Need help configuring your backup, contact Kim to receive information on our upcoming classes and webinars or to request a quote for us to configure your backup for you.