As we mentioned many times before, website security has become a top topic among Internet experts and website owners. In 2014 alone over 9 Million websites were infected by malicious scripts or directly hacked by hackers. Experts are now saying that 2015 came close to doubling that number. Either way it has reached epidemic proportions. As a site owner, it worries you and it should.
Websites of all forms and sizes are being hacked every second. It does not matter if you own a store in a small US town or are the CEO of a large international company, your website is at risk. Most hacks are done via malicious scripts that roam the Internet looking for a way into websites. Why do hackers do that? Primarily they do to build their portfolio (yes a portfolio of how many sites their script hacked so they can demand more money when they are hired to hack a specific site!). Whatever the reason, it can be damaging to your business especially if you do not have backups.
Backups are like an insurance policy that, if anything bad happens to your site, you can restore your site to a previous clean copy in a short amount of time. If you do not have backups, you just lost your website.
Different methods to do backups
If you host with one of the largest hosting providers like GoDaddy or Network Solutions, you should be able to access your hosting dashboard easily by logging in. In most instances, there will be an option to back up your website files and folders. Typically these manually generated backups are saved directly onto your server.
Experts like SiteLock recommend to download these backups from time to time and save them on your local hard drive (aka your computer or local server if you have one). Then delete the backups from the server. Finally make sure your local hardrive (where you store the downloaded backups) is backed up onto a Cloud based-system like CrashPlan or Carbonite.
If you are on a cPanel system (most common and fairly user friendly), log into your hosting account and go to the cPanel or hosting section. There you can access your actual backups and download then directly onto your computer.
Many servers like those with a cPanel interface can automate the backups for you. This is not very complicated to set up and often times you can call your hosting provider and ask them how to that.
Once the automated scripts for backups are set, then follow the instructions from before … download them regularly onto your computer, make sure your computer is backed up on the Cloud and remove backups from the server.
Leaving these backups on your server is not recommended but also they will take server space so your hosting provider may ask you to remove them to make space or your may reach your hosting limit.
=3= Hire someone to do the backups for you:
A lot of hosting companies are coming up with paid backup services. GoDaddy for instance has recently launched Site Backup & Restore and it does exactly that. It backs up your website and can restore it for you. Contact your hosting provider today and see what they offer. Also ask them what happens if your site is compromised, what the process for restoring the site is, how often they back it up and so forth. Ask them all of your questions ahead of time so that you are prepared in case your website is hacked, compromised or lost. Preparation and knowledge will minimize the downtime of your website.
What to back up … Do not forget the database!
Backing up the website folders and files is easy enough but one thing people forget all the time is to backup their database. Most sites have a content management system like WordPress, Joomla, Drupal, a Custom CMS or other. If you have a CMS or eCommerce site you have a database. The content of your web pages (text, photo, product details, miscellaneous data, etc.) is not stored in your website files but inside a database (SQL, mySQL or other). This is crucial that your database is backed up regularly.
Whichever backup methods you decide to go with (manually on your own, semi-automated or with a paid backup service) make sure it backs up the database (or databases if you more than one).
If you are handling your backups on your own, you can once again access the cPanel dashboard, go to the phpMyAdmin section under Databases. Click on the phpMyAdmin link, next click the database name and then simply click Export and save the copy on your computer.
How often to backup and how long to save the backups
The answer depends on how often you make changes and if your site is static or dynamic (maybe you have members who log in often and make changes in their own account), etc.
If you do not have a programmer make changes to the code often then once a month (we recommend the same date each calendar month) is good enough for the website folders. For the database, once a week if you make changes in your content management system weekly. If you have a membership site or any site that holds information (examples: people registering for classes or events, eCommerce sites where visitors buy products or services), then you should do this weekly. Some of our largest customers have changes happening to their site daily and backup their database every night.
Again this can be done manually or automatically.
Keep each backup for a calendar year. If you only keep your last backup and did not realized your site was compromised three months ago, you can only restore to the last version. Sometime the “clean” version is several backups ago.
Our recommendations in a nutshell
=1= Use automation.
=2= Backup your website files every first of each calendar month.
=3= Backup your database every Friday.
=4= Save the backups on your PC.
=5= Keep each backup for a calendar year.
=6= Install a Cloud backup service on the PC where you store the website backups.
With these procedures in place you can rest assured that you won’t loose your website investment to hackers and will be able to get the website back to normal in a short time.