You don't have to be a bank, government entity or celebrity to have your website hacked.
Small mom and pop businesses, charities and bloggers can all be targets of devastating website hacks. While there are many things you can do to help reduce your chances of being affected by malicious scripts, phishing schemes or keyword injections, it is important to be ready if a worst-case scenario hits your site.
Creating and cataloguing website backups gives you a way to "turn back the clock" and restore your website to an earlier state - one from before the hack was implemented. Once restored, you can then find the entry point for the hack and harden your site by changing code, passwords or adding new security measures. Restoring a hacked site to a previous state is usually much faster than cleaning up the files and databases that may be affected on a hacked website. Also of concern is the fact that many hacks leave back doors on your server that can be difficult to find and leave your site vulnerable to a future hacking attempt.
There are multiple ways to back up your website. Some website hosts provide automated backup services for free or as an add-on service. There are free Wordpress plugins that allow you to schedule backups and send them to Dropbox or Google Drive for off-site safe keeping. But for do-it-yourselfers, or those who want the peace of mind that comes from manually creating and downloading backups of your website, the steps are fairly straightforward.
Download a copy of your site files.
You can log in to your server via FTP or SSH to download the files to your local computer. To save storage space, you can compress or "zip" these files into an archive for safe keeping.
Download a copy of your databases.
Likewise, via SSH or programs like PHPMyAdmin, you can export your databases and compress them.
Download server configuration information.
If you have special settings on your server that you'd need to recall in the case of a full server rebuild, save that data for safekeeping as well.
Once you have backed up all of your website content, you should collect the files together, noting the date. Then, set another date in the future for your next backup. For sites that are rarely updated, weekly backups may be acceptable. For sites with frequent content updates, or sites used for e-commerce, multiple daily backups may be a better option. It's important to keep a few months of backups available as some hacks may not be immediately evident, and older backups may be preferable if reinstalling files or databases.
Yes, you should continue using difficult passwords, harden your website content management system and choose reputable partners for website maintenance. But just in case, have a library of website backups available so you can be back online fast after a hack.
If manually creating, cataloging and storing off-server backups is something you'd like to outsource for your business, contact us today. We also offer backup services as a part of our comprehensive Wordpress maintenance packages.