This is the second post on the series about WordPress security, and my second advice is as simple as the first one, prepare for the worst. When catastrophe strikes, and you are prepared you can, and will recover fast from it, and be up and running in the shortest amount of time.
Disaster is the only fact you can trust
Might sound harsh, but it’s true, when you are planning your website you try to think ahead for a lot of different scenarios, you will wonder if your site will be successful or of only your mom will visit it. But the only thing that you can account as a fact is that sooner or later disaster will come, and how you prepare for it will dictate how fast you will be up and running again.
It is simple, and sometimes overrated. A good backup plan can prevent a lot of headaches when disaster strikes. You can do manual backups, and some times your host can give you daily backups for free, or by paying a small fee. But here I will put a small set of plugins that will help you keep your content safe, in case your site get’s compromised you can load a fresh installation and your backup and have a clean website in no time.
Vaultpress / Jetpack
Jetpack is one of my first plugins I install on all my websites, it gives WordPress lot’s of functionalities some inherited from WordPress.com. One of them is automated backups, it’s one of the premium features (paid), that takes the hazle of having to backup your website yourself. Plans starts at USD $9 per month for personal sites with daily backups and a 30 day backup archive, or USD $29 per month for realtime backups (excellent for high traffic sites, or user driven websites) and unlimited backups. Being an Automatic (the company behind WordPress) solution you can expect to work flawlessly with your site.
Codeguard is like Git for your website, it will not only save a copy of your database content (posts, pages, comments, etc.) but of your files as well. This is a huge bonus, if you ever get a virus injected on your site. I once encountered this kind of viruses, I got this site from a client who was fighting with this virus for a long time, the virus redirected the user to a porn website if he came from a search engine, if you entered the website directly it was business as usual. At that point the only solution was to pull a 6 month old backup, delete all of the site files, upload the back up, update WordPress and deal with the loss of 6 months worth of user content. If we had Codeguard, we would have a daily incremental backup, and it would only be a matter of requesting the restore and wait for the database and code to be restored to an issue free version Codeguard had saved for us. This is a paid service, but one that I gladly pay and suggest my clients to pay as well, they also have a free tier, where you can backup one site, one database and up to 1GB. What I think it’s missing is the realtime backups, at least for the DB, because with daily backups you will always have to manage with at least one day lost of content. If you have a static website is no big deal.
This is a free alternative from the WordPress plugins database that will help you solve your backup issues, letting you store your data on an FTP server, Amazon S3 or Dropbox for free, it is a very good alternative to both paid services described above. I do suggest you don’t use your own server for storing your backups via FTP, use an external one or incase you don’t have one Dropbox offers 2GB for free to their users and this will assure you to have your backups even if your server crashes.
Disaster may come in a different set of ways, and being prepared for it is part of your WordPress security plan, you’ll bounce back of most issues in no time.