This is a guest contribution from Larry Alton.
Have you ever lost something important? Maybe your computer froze just before you hit “save” on a document, or maybe a sudden accidental coffee spill fried your hard drive.
Whatever the problem may be, without a backup of information contained on a hard drive – either using external hardware or a cloud subscription – you have to rebuild from scratch.
When it comes to managing a website, the loss of such information causes more than just a headache for you. It can also make important personal data vulnerable to cyberattack.
One of the benefits of working with WordPress is that you have a multitude of options for data recovery should the unthinkable occur. Unfortunately, many bloggers don’t understand why these security measures are important – or what they even do. It’s time to change that outlook.
What Is a Backup and Disaster Recovery Plan?
A backup and disaster recovery (BDR) plan lays out your strategy for dealing with any problem that could compromise your blog’s data, security information, and/or uptime. A good BDR plan will comprehensively describe how you will recover from a variety of problems – as well as how you will take precautions to (hopefully) prevent these problems from happening.
Features of a Good BDR Plan
If your site suddenly went offline, what would you do? It’s a little more complicated than just hitting the restore button on your backup widget. Your BDR plan should be flexible, including a smart combination of data backup with additional security features to protect that data. Let’s break it down a little further.
- Backup Tools. Make sure you have at least one backup version of all your information – and that all backups are up to date. Use automated, scheduled backups to copy your information to an external disc or to your cloud storage account. Then, make sure you have the right settings in place should you need to restore your entire site from a backup.
- Security Tools. It’s not enough to have a carbon copy of all your site data on hand. One of the most common potential disasters is a cyber-attack, which may require you not only to fully restore your site from previous backups but also to ensure the backups themselves have not been compromised.
Let’s break it down even further.
Part 1: A WordPress Backup Checklist
Any WordPress user knows that this site building and blogging platform has a number of quirks. It’s important to know the ins and outs of every aspect of your site, just in case you need to put a backup plan into action. Here’s a handy checklist to make sure you’re covered:
- Track your software logs. Any good backup software will include audit logs – which you can use to track everything that’s happening in the background of your blog’s operation. Boring as it may seem, reading your logs on a regular basis will give you a sense of what “normal” looks like. Should something go awry, these logs can provide invaluable diagnostic information, allowing you to identify what caused the problem.
- Keep tabs on your plugins. As a seasoned WordPress blogger, you’ve probably installed a number of plugins to increase functionality and improve user experience. Because third parties create plugins, they’re more susceptible to problems. Keep an inventory of which plugins you’re using, version numbers, and the dates they were updated. This will help you identify which one may be causing unwanted site downtime.
- Make copies of your intellectual property. A WordPress site is nothing without the content you’ve created. Graphics, blog posts, eBooks, and articles are your intellectual property, and they define your brand. Your site shouldn’t host the only copies of these pieces of content; best to keep them offsite (and offline) to protect them from being lost.
- Document irregularities. If you notice something wrong, take a screenshot and create a detailed record of the issue, including date and time of occurrence. These are invaluable tools if you need to explain the problem to a support person.
Part 2: Creating a Layered Security System
Now that you’ve created a system to ensure your data is backed up, it’s time to take a good look at your WordPress site’s security. Unfortunately, it’s virtually impossible to prevent someone from attempting to hack into your site – but it is possible to make your site very, very difficult to hack.
The scope of the problem is bigger than you might think. According to W3Techs, WordPress is the single most popular content management system in the world. It’s a free, open source solution with endless options for customization using external plugins. However, these beneficial features are also the platform’s downfall – which is to say they make WordPress sites particularly vulnerable to attack.
You’ll need to take a multilayered approach to security. There’s no perfect singular solution, so you’ll have to figure out which solutions make the most sense for your blog. It can help to work with an external provider to create a comprehensive plan to protect the valuable content on your site.
Your security solution will likely include some combination of security by obscurity, username and password safety, access monitoring, blocking directory browsing, and more. A managed BDR provider will provide invaluable input for furthering your site’s security in ways you may not yet have considered.
The Takeaway: Do You Need a BDR Plan?
Many WordPress site owners don’t have a BDR plan in place. But this is one scenario in which you shouldn’t be part of the majority, especially if you’re earning revenue from your site, have a large following, or have been targeted by cyber attackers in the past.
At this juncture, the purpose and benefits of developing and implementing a BDR plan for your WordPress site should be apparent. Whether you decide to create a do-it-yourself plan or defer to a managed service provider, a BDR plan will provide a needed level of security for your any site – including your blog. Ultimately, your prospects for recovery depend entirely on how well you’ve planned ahead.