Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google      Sign In   
  • Create Account

Subscribe to HRA Now!

 



Are you a Google Analytics enthusiast?

Share and download Custom Google Analytics Reports, dashboards and advanced segments--for FREE! 

 



 

 www.CustomReportSharing.com 

From the folks who brought you High Rankings!



Photo
- - - - -

What Do You Guys Use For Wordpress Backups?


  • Please log in to reply
13 replies to this topic

#1 lister

lister

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 426 posts

Posted 20 June 2013 - 09:17 AM

What is the best solution?

 

I am very conscious that as my blog and SEO grows I get more hack attempts (mostly brute force attacks) I get more attacks.

What's your preferred backup solution? I know there are millions of plugins but what is your faultless solution?

I can't afford at the moment the automated solution so Im having to do things manually.

Thanks



#2 torka

torka

    Vintage Babe

  • Moderator
  • 4,683 posts
  • Location:Triangle area, NC, USA, Earth (usually)

Posted 20 June 2013 - 09:56 AM

Have you seen this article? 6 Top Wordpress Backup Plugin Recommendations

 

Several of the options recommended are free (so no budget issues) and they all sound pretty good. Personally, at the moment I use a combination of manual backups (for themes and plugins) and automated (for the database, using WP-DB-backup, one of the recommended solutions from the article) but may look in to some of the other options mentioned as well.

 

--Torka :propeller:



#3 lister

lister

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 426 posts

Posted 20 June 2013 - 10:06 AM

Thanks for that - it's always good getting links from people that have been in the game a while.

 

Also - let me just add an obvious thing: test!

I have a site that has basically zero rank so Im going to test to 'break' wordpress and then re-install.

Key thing is however understanding where the vulnerability is and to patch and fix.


Edited by lister, 20 June 2013 - 10:06 AM.


#4 Jill

Jill

    Recovering SEO

  • Admin
  • 33,083 posts

Posted 20 June 2013 - 10:18 AM

Any of the back up plug ins work fine and can be automated. 



#5 torka

torka

    Vintage Babe

  • Moderator
  • 4,683 posts
  • Location:Triangle area, NC, USA, Earth (usually)

Posted 20 June 2013 - 10:27 AM

If you haven't yet, you may also want to look at this article from the Wordpress Codex: Hardening WordPress. There are a number of tips there that may save you some time/headaches. :)

 

--Torka :propeller:



#6 lister

lister

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 426 posts

Posted 20 June 2013 - 10:32 AM

.......save you some time/headaches. :)

 

--Torka :propeller:

 

That's it. THAT is my Public Enemy One when it comes to WP - time devoted to repair hacks



#7 bobmeetin

bobmeetin

    HR 6

  • Active Members
  • PipPipPipPipPipPip
  • 535 posts
  • Location:Colorado

Posted 20 June 2013 - 12:28 PM

The advice recommended above is fine.

 

However, being who I am, I don't rely on any 3rd party extension/plugin to handle backup routines. I manage sites in Wordpress, Joomla, Zen-Cart and Magento.  The problem with some of the extensions is that they live within the CMS' framework and/or do the backups within the site's filesystem.

 

  1. If your site gets hacked you may not be able to get to the admin panel to be able to get it back online.  This does happen.
  2. If it is hacked there is a fair chance that the filesystem has been compromised meaning that the backups themselves are in jeopardy.

 

I write automated jobs (cronjobs) and shell scripts to do both filesystem and database backups and place them in a devoted backup folder inaccessible to hackers. With some of my sites I take that a step further and have written an automated job to send backups to another server.

 

You should also know that if a site is compromised that you may not know of it for months. A hacker can plant a virus/whatever to be used on demand at a later date.

 

There are several services out there that offer anti-hack monitoring for a price.  If your site is worth anything then it's worth quality hosting and and extra $20/month for peace of mind.

 

Also, check with your provider and find out what their backup routine is.



#8 lister

lister

    HR 5

  • Active Members
  • PipPipPipPipPip
  • 426 posts

Posted 20 June 2013 - 01:14 PM

Also - creating a hash for your site is a good idea right? So anything that is written alerts you to the change in hash and chances are its a sly .php file or javascript re-direct etc.

I'm correct with that right?



#9 bobmeetin

bobmeetin

    HR 6

  • Active Members
  • PipPipPipPipPipPip
  • 535 posts
  • Location:Colorado

Posted 20 June 2013 - 06:16 PM

You've wandered into unfamiliar territory.  I know what it means in relation to passwords and even creating image filenames, but here you have lost me. Can you provide a URL describing what you're getting at?



#10 chrishirst

chrishirst

    A not so moderate moderator.

  • Moderator
  • 7,301 posts
  • Location:Blackpool UK

Posted 21 June 2013 - 05:20 PM

http://en.wikipedia.org/wiki/Hashsum

 

Basically it creates a binary signature so you can verify that the data is intact.

 

If you do anything with downloading Linux distros you'll see that  MD5 and SHA1 hashsums are published so you can be sure that the distro has not been "tampered with"  or corrupted.



#11 bobmeetin

bobmeetin

    HR 6

  • Active Members
  • PipPipPipPipPipPip
  • 535 posts
  • Location:Colorado

Posted 22 June 2013 - 01:30 PM

This thread really belongs in a tech forum, but anyway...

 

Yes I know about the distributions but was not associating that here. So sure you upload a safe package, fine. You install it and now have 1000 files and as the site grows you can easily end up with many thousands plus the database.

 

I don't see how the original signature is going to do you a lick of good at that point.



#12 torka

torka

    Vintage Babe

  • Moderator
  • 4,683 posts
  • Location:Triangle area, NC, USA, Earth (usually)

Posted 22 June 2013 - 03:01 PM

The problem with some of the extensions is that they live within the CMS' framework and/or do the backups within the site's filesystem.

True, but as near as I can tell, all the backup plugins recommended in the article I cited offer several offsite backup options, including sending the backups to Google Drive, Amazon's cloud, Dropbox, etc., directly downloading it or having it emailed to you. I would never consider a backup option that only stores the backups in a folder on the same server as the installation itself.

 

--Torka :propeller:



#13 chrishirst

chrishirst

    A not so moderate moderator.

  • Moderator
  • 7,301 posts
  • Location:Blackpool UK

Posted 23 June 2013 - 07:46 AM

This thread really belongs in a tech forum, but anyway...

 

Yes I know about the distributions but was not associating that here. So sure you upload a safe package, fine. You install it and now have 1000 files and as the site grows you can easily end up with many thousands plus the database.

 

I don't see how the original signature is going to do you a lick of good at that point.

 

I think you missed the point of hash sums a little. Using a hash as a means of determining if anything has been changed on the site (integrity checking ) means having and maintaining a list of hashsums for every single file on the site, or at least the ones that are vulnerable and running a comparison if you think something has been changed without your permission. cPanel uses this method on a cron job and you will ocasionally get reports of file integrity failures after cPanel has been updated.



#14 bobmeetin

bobmeetin

    HR 6

  • Active Members
  • PipPipPipPipPipPip
  • 535 posts
  • Location:Colorado

Posted 23 June 2013 - 09:34 AM

No, I'm with you on that. Virtually all files are hacker vulnerable so this can be a major task. Regardless of what you do, backups/security is real work with costs.  Cheap comes with holographic fine print.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

SPAM FREE FORUM!
 
If you are just registering to spam,
don't bother. You will be wasting your
time as your spam will never see the
light of day!