Backing Up Your WordPress
A simple yet often misrepresented security issue is the simple process of keeping a backup of your site files. Even though everyone understands that “they should have” backups the general consensus is that too many sites do not keep accurate backups.
People often feel that backups of a website are the responsibility of the hosting company.
This cannot be further from the truth.
Even though hosting companies often keep a backup of “their system”, which is available should they suffer a large scale outage, those backups may not be available to the general public.
Having been a manager for a web-hosting company in the past I would often run into users who lost files and mail only to be told that we could not help recover them.
BACKUPS OF YOUR SITE FILES IS YOUR RESPONSIBILITY.
Make sure you have installed a backup plugin. Here is a simple one that we like.
Plugin Version: 2.3.3
WordPress Compatability: 3.6.1
Last Updated: 8-22-2013
Average 5-Star Rating: 4.5
We like simple plugins and this one is pretty simple to install and use, as it requires no actual setup to use. This covers backups and easily allows you access to them for downloading and storage.
Here are the basics for what this plugin does:
BackUpWordPress will back up your entire site including your database and all your files on a schedule that suits you.
- Manage multiple schedules.
- Super simple to use, no setup required.
mysqldumpfor faster back ups if they are available.
- Works in low memory, “shared host” environments.
- Option to have each backup file emailed to you.
- Works on Linux & Windows Server.
- Exclude files and folders from your back ups.
- Good support should you need help.
- Translations for Spanish, German, Chinese, Romanian, Russian, Serbian, Lithuanian, Italian, Czech, Dutch, French, Basque.
Some of the issues as to why we like this plugin are not easily seen up front, so let’s take a deeper look.
One aspect we like to do is to change the wp-content folder to something less likely to be “pre-scripted”. This is not a true defense for security but helps to prevent such scripted attacks that hit the wp-content folders. If you have ever changed that folder name, which can be done in Better Wp Security, you may have encountered some issues.
Which is where this plugin does not hiccup at all. Many plugins have “hard-coded” the reference to the wp-content folder. This was an older practice that some plugins have yet to fix. This plugin is using the correctly formatted dynamic references for the content folder. This means no manual editing of plugins files to account for non “wp-content” folder naming issue. (which we have encountered in several other plugins).
Additionally, this plugin is super simple to process a manual backup. Something we do whenever we do major changes. just visit the plugin option page and click run now.
The backup section also shows you rhe size of the backup files. We actually use this as a first line of defense by knowing the sizes of our general database and backup files on a consistent basis. Should the backups or DB file sizes jump drastically overnight then we know something has happened.
We have used the backup mailing to ourselves, but you may run into issues with backup size. Many systems will not allow email attachments larger then 10 megs. Also, Email is not entirely secure, so we feel this does represent a security issue if used.
These are those little security issues that most people will not consider, but you should at least be aware of and make your own decision.
For tweaking this plugin we do recommend that you set the number of backups to a reasonable level. We like to use daily database backups for 14 (two weeks) and we set the main full backup to a total of 5. This gives us at least one month of backups without taking up too much hard drive space.
Please note: manually backing up will cause the last copy to push out and get deleted. So make sure you download your files if needed.
Additional tweaking we recommend is specific to caching. If you are using a caching plugin then use the “EXCLUDES” option to ignore the cache folder. There is no sense in storing files that are not likely to change and in my opinion are going to get flushed regularly anyways.
Excluding files you are not worried about will also make your backup files smaller in size meaning quicker downloads and less storage needed.
A feature we would love to see implemented within this plugin is a restore option. This we feel would make it a complete package. The plugin is free and for that price it is one heck of a plugin. This plugin easily holds its own against those larger backup plugins.
We actually prefer this one to several of the other backup utilities out there. Simple, lightweight, and it works right out of the box. That’s why it is this weeks POTW.
Grab the plugin from the WordPress.Org Repository here: