Why are Backups & Security Important ??

I have been asked this question a few times these past few months, and thought I’d write a blog post on it today – on why it is necessary to take regular back-ups of your site – and also why it is necessary to monitor your security almost daily…

Let’s look at everything around Security First…


Security Checks for WordPress Site

What are Security Checks?

Most people running a WordPress website have noticed already that hackers love to try and attack WordPress sites…

Many just do it for fun, just to get in and leave a mark somewhere on your site that says “so and so was here”, and/or just to cause a lot of frustration for you by bringing your website down and making the servers crash, etc.

BUT: There are many more that want to come in for all sorts of malicious reasons as well. The biggest is to try and steal your data, for malicious intent, and to blackmail your users / clients for whatever reason. And if they can copy / steal your identity or your credit card details, etc., even better..!!! Or they will “plant” malicious code on your server – which can contain all kinds of viruses etc. – and which can cause pop-ups on a client’s screen with any kind of message, to entice people to go to another link / site to enter their details, and in so doing “steal” their identity and use it for whatever they deem “appropriate” for their own benefit.

Each one attacking your site has their own agenda – and it is no use saying or thinking “aaag, my site has nothing to offer – if anyone wants to hack it, they’re not going to find anything”… Thinking or saying that is being ignorant of the potential harm that a hacker can and wants to do. They aren’t looking at what you see – they are looking at “what is in it for me – what can I get out of your site…”, and believe me, they can get all kinds of benefits out of your website that you never even thought were possible…!!!

And WordPress sites – are very “easy targets” – if not maintained properly…!!!!

There are so many “easy routes” to get into your system. If your security isn’t monitored daily, if every Plugin and Theme isn’t properly tested and kept up to date with the latest releases, if the file permissions aren’t set up properly on the server, and/or you’ve just renamed one of the WordPress security files to .old or .keep and the security on those files isn’t handled the same as on the actual WordPress files themselves, then there are “very easy” ways to get into a WordPress site…!!! We can so easily make a mistake – or just forget to delete something once we are done with it – and think “I’ll just keep it for a bit before deleting it”, and then someone comes along and picks out that very thing we “left for later”…
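A check for the leftover-copy and file-permission mistakes described above, as an added example that is not part of the original post. It assumes a POSIX shell with `find`; the function names and the list of suffixes (.old, .keep, .bak, .orig, .save, ~) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit a WordPress directory for leftover renamed copies
# and loose file permissions. Function names and the suffix list are
# illustrative assumptions, not part of WordPress.

# List renamed copies of PHP files (e.g. wp-config.php.old). A web server
# normally does not pass these to PHP, so it may hand out the file's source,
# database credentials included, as plain text.
find_leftover_copies() {
    find "$1" -type f \( \
        -name '*.php.old' -o -name '*.php.keep' -o -name '*.php.bak' \
        -o -name '*.php.orig' -o -name '*.php.save' -o -name '*.php~' \
    \) | sort
}

# List files and directories that any user on the server can write to.
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 | sort
}

# List wp-config.php files that "other" users on the server can read.
find_readable_config() {
    find "$1" -type f -name 'wp-config.php' -perm -0004 | sort
}

# Run all three checks. Returns 1 if anything was found, so a cron job
# can alert on a non-zero exit status.
audit_wordpress_dir() {
    root=$1
    status=0
    for check in find_leftover_copies find_world_writable find_readable_config; do
        hits=$($check "$root")
        if [ -n "$hits" ]; then
            printf '[%s]\n%s\n' "$check" "$hits"
            status=1
        fi
    done
    return $status
}

# Usage: sh audit.sh /path/to/wordpress   (the path is a placeholder)
if [ -n "${1:-}" ]; then
    audit_wordpress_dir "$1"
fi
```

Run it against the site's document root after every round of maintenance; an empty result with exit status 0 means none of the three conditions were found.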

And thus, especially when you have a website that is looking for internet traffic, and you want to make good sales with your website and want people to subscribe to your services – you are an open target for hackers to try anything and everything they know, and to come in with all kinds of ideas and intentions etc…!!!

BUT: Don’t think it is just the big sites and the big brands they attack – they will try anything and anyone – even if it is just for the thrill of getting in – and letting others know what they did to get into your site…  And before you know it – everyone is targeting your site…

The WordPress software in itself is safe – there has been a lot of development and skill that went into the design of it, to ensure that the basic WordPress software is safe and secure. And it isn’t so easy to hack a Linux server hidden behind firewalls, where your website is running, but the website is a client-facing site with software that is much more “open” and not necessarily all “hidden” behind firewalls etc.

And thus running a WordPress site with old versions of WordPress, Themes and Plugins, and even PHP or MySQL databases, is asking for trouble. Sooner or later “someone” out there is going to find a way to circumvent all the rules, and find a way to get in. Just because it hasn’t happened to you yet doesn’t mean it can’t happen in the future..

BUT Remember: No One is exempt from a Hacking Attack… !!!!

Now you may say/ask – but if WordPress sites are so “hack-able” – then why even bother using WordPress for my website…

Because WordPress is one of the best options out in the market to run a Website on. It is much more stable and has huge flexibility to develop a Website on, and because it is an Open Source Platform, it is open for anyone to develop anything to their heart’s desire – and you even get a bunch of Themes and Plugins for free. Other packages have all kinds of restrictions and limitations on them again, and you are lucky if you get anything for free. Yes, they may have great support compared to an Open Source environment – but they still have a lot of restrictions, and aren’t always that cheap either….

Thus, you need to balance the one with the other – what are you looking for, vs what are you willing to pay, vs how flexible you want your website to be for future growth… and implementing new things etc. Standard Templates are exactly that – they are “STANDARD” – and thus it eventually becomes a battle: what you are satisfied with today may not be working for you tomorrow or next year, as every business grows and changes over time – and then it becomes “difficult” to move from one Template to another, or to add extra things (plugins) to your website.

But I’m not going to go into all the reasons behind which package is better – or what option to follow for what situation – that I will cover maybe in another blog some day soon…

BUT for now my advice is: IF you eventually do choose WordPress as the software route to go for your website, then please keep in mind that you must consider Security as well, and follow all the necessary security steps, to ensure your site is as safe as you can possibly make it.

There are some great Security Plugins you can use – some are free – and some ask for a monthly or yearly fee. Consider adding it to your budget – and plan for it up front…

And do your homework – Compare the different packages against each other – and see which one caters for what. There are various Pros and Cons for each package that is available. And it is hard to find one that covers everything.  Thus you need to decide what is better for your business compared to something else..

I’m not going to compare any packages in this post either – as this post would then get too long to read… But there are great posts written already on the different packages – just do a bit of research and you will find all the names, etc.

OR: if you want to know more, please don’t hesitate to contact me – and I’ll share with you my ideas and insights of what I have found already from my research that I have done.

But make that investment and do that research – you won’t be sorry you did…


Now Let’s talk about BACK-UPS

From the above you have probably realized already – you will need a back-up of some sort – so that if your site does get hacked one day, you will be able to get your site online and running again ASAP !!

‘Cause for many businesses, if your site is down – that means LOSS OF SALES !!!

And you can’t afford for your site to be down for one day – let alone for a week or 2 or 3 even…and not even thinking of having to rebuild it all again… how long that is going to take. You know how long it took to get to the point where you are now in your business.  Why risk it all on 1 hacking attempt that might succeed someday.. ???

Many businesses have now experienced the impact of “lost sales” – with the Lock-down period where they aren’t allowed to sell anything for a while – and it is terrible – it is a huge cut on your budget – affecting everything down the line when those sales aren’t coming in as they used to…!!!

So just imagine what it would feel like if someone hacked your site – and brought it down completely – and even damaged your reputation in such a way that your sales drop from hundreds of thousands down to almost nothing in a day – and you have nothing to fall back on to get your site up and running again…??

And if Google detects that there is any form of Malware on your site – or even worse, they can pick up that your site has been hacked – your Google rating will also drop to almost zero very quickly – and your normal “traffic” that came through to your site – will just vanish away – and go somewhere else… And everything you worked hard on to build your online business – will just vanish away in a moment…!!!

THUS: If you want to be sure you can get your site up and running again as quickly as possible – you need good and regular backups..!!!

Taking a backup just once a month or so isn’t good enough – you need at the absolute minimum a daily backup of your Database – and a weekly backup of your Theme and Plugins, and depending on how often your data changes – you might have to look at backing up your Media anything from daily to every 2nd day, 3 times a week, or weekly at the very least…

‘Cause to get that data and media back that you lost – might be very difficult – and if you depend on Blog Posts for your SEO to draw your traffic – you need that info to come back up asap…

And if you have people subscribing to your website – you might even consider backing up your DB hourly !!!

And thus, to cater for all this, you also now need to think about Storage Space

And you may need to ask yourself the following 2 questions:

  1. How much Storage space do I need?
  2. and Where do I keep my backups?

As the answer to these 2 questions – will determine and affect your budget and security as well…!!

Let’s look at point 1 first…


1) How Much Storage Space do I need ?

Well, it isn’t that difficult to work out. Just do a back-up of your site as it is right now – and then look at the size of your DB backup, your Themes backup, your Plugins backup and your Media backup.

Then, say for instance your DB backup is 5 MB – and you want to do a daily backup – you will thus need at least 5 MB * 31 days = 155 MB minimum per month

BUT: Remember there is always growth in your DB – and depending on how busy your site is – you need to cater for at least an extra 25% to 30% space for growth for the month:

Which then works out to 155 MB + (155 MB * 30%) = 155 MB + (47 MB) = 202 MB just for your DB for 1 month – the absolute minimum you will require to store your backups “somewhere”…

Now do the same calculations also for your Themes, your Plugins, and all your Media…  depending on if you want to take daily or weekly or bi-weekly or whatever frequency you choose for each one..

Once you have that Total Figure – again cater for another 30% increase on top of that figure – to cater for growth in the months to come.

And then you need to decide how long do you want to keep your backups for – and for what purposes…etc

There are some files you can backup once a month – and then just backup whatever changed since then – and there are folders that you can backup once a year only – and just keep those backups stashed away to save space on your regular backups…


Once you are done with this exercise – then we can move on to point 2:

2) Where do I KEEP my Backups ?

Now this is where most people think that keeping it on my laptop is fine – when I need it it is there immediately… or just keep it on the Website server – that is easy enough…

And yes, up to a certain point that can work for you.

BUT: Have you thought of – what if my laptop crashes, or gets stolen or something – there go all my backups..!!!

Or if they managed to hack your website – the chances are – they get to your backups too !!! And then when you look for your backups, they are either deleted, or infected as well with their malicious code, etc.

And if you aren’t doing your regular Security checking – and only wait for the day that you have a problem – then your backups might be all infected – and you have nothing to fall back on that is proper anymore…

Thus: you also need to consider having an Off-site storage space available – even if you just drop your files on it once a week – it is still better than not having anything…

But: There are Security and Back-up packages that also offer Off-site Storage space – and it is well worth investing in using their Space. The cost of that storage space will be well worth it in the long run, when you need to fall back on it… And it will also be a place that the hackers can’t get into.

Thus make sure your Password for your Storage Space isn’t the same as that of your Website – that when they get to your website – they still can’t get to your Storage Space where your backups are stored.  And also keep your backups on your offsite storage for a little longer than what you keep on your Website server or Work Laptop…




Thus, to summarize all of the above:

  1. Keep your Security Monitoring of your WordPress Website Up to date – and don’t leave it for a day you don’t have much to do, and when you feel like “let me check my security today”…
  2. Make a habit of checking it every morning as part of your daily routine, before starting with your business. Those 15 to 20 minutes going through the logs every day will spare you a lot of surprises later on, and you will also learn a couple of things about what hackers look for, and what to check for. The logs from the Security Packages can pick up a lot of things you didn’t even know about. They will even highlight some other issues you didn’t know you had – like broken links, etc…
  3. Invest in a Good Security Package – it will be well worth your money, time and budget.
  4. And also take regular backups – and keep some off-site as well for those “just in case” moments… when you just might need it the most..

AND: IF you find you just don’t have the time to worry about all this, then there are businesses that will assist you and do it for you..

And we at DSH Web and Graphics Design know the “pain” of monitoring your security and your backups regularly, as well as having to make sure that everything is tested, and that you even have a “test site” where you can test a particular Plugin or Theme – to see what the impact will be when you do install that Plugin or Theme you are thinking of loading, etc.

THUS:    Give us a Call, or drop us a message – either in our contact form towards the right of this blog post or you can even send us a message in the little Help Box in the bottom right of your screen – and we can work something out for you that will make your life easier – so  you can focus on what you do best – Selling and Managing your Business !!!


Hope this article meant something and made a few things a bit clearer about WordPress Security and the reasons behind taking regular Back-ups…

And Please Tell us what you thought of this in the comments section below… We would love to hear from you…

Stay Blessed and Stay Safe !!!

Susan Hammer is the Owner and the Website Developer for DSH Web & Graphics Design, as well as a Pastor from Cry of an Eagle Revival Ministries. Her Passion is God's Kingdom first and her skills are in IT, which she now uses to promote God's Kingdom in everything she does.

