Disaster Proof your WordPress Website
0 likes971 views
The document provides guidance on preventing and recovering from various potential disasters affecting WordPress websites, including hosting issues, software problems, and hacks. It emphasizes the importance of storing information safely and includes a resource list and checklist for further assistance. The author, Kate Newbill from 2fishweb.com, assures readers that being prepared can help them handle these challenges effectively.
Disaster Proof your WordPress Website
- 1. Disaster-proof Your WordPress Website Kate Newbill 2FishWeb.com
- 2. WEBSITE DISASTER What can go wrong?
- 3. WEBSITE DISASTER What can go wrong? How can you prevent it?
- 4. WEBSITE DISASTER What can go wrong? How can you prevent it? How can you recover?
- 5. What can go wrong? Hosting issues
- 6. What can go wrong? Software issues
- 7. What can go wrong? Site hacked
- 8. What can go wrong? Site hacked
- 9. How can you prevent: Hosting issues
- 10. How can you prevent: Software issues
- 11. How can you prevent: Hacker intrusion
- 12. What do all these measures have in common?
- 13. Store your information in a safe place
- 14. How to recover in case of disaster
- 15. Relax. You've got it handled.
- 16. I'm Kate Newbill 2FishWeb.com Download the PDF resource list and checklist: http://2fishweb.com/security/
Editor's Notes
- #2: Client call 1: ““Kate! I’m at my wits’ end. My site’s been down since Thursday and tech support says they don’t know when they can have it back up. We’re in the middle of a program launch and we’re losing money every day. What do I do?” Friend called in tears: “I just went to write my weekly blog post and my site has been hacked. Oh, Kate, what do I do?” He forwarded an email from his webhosting company: “We’re sorry to inform you that the server which housed your site suffered catastrophic hardware failure last night. We have moved your account to another server, but unfortunately, all data was lost and is unrecoverable. Please contact tech support if you need assistance in restoring from your local backup.”
- #6: Web hosting issues Site goes down, host has no ETA for restoral Host disappears or shuts down without notice Conflict with host; - site taken down or held hostage; - host has domain name registered and holds hostage
- #7: Software issues Database crashed or corrupted Update to WordPress, plugin or theme breaks the site Site gets stuck in maintenance mode
- #8: “But mine is just a small site – they wouldn't hack me.”Willie Sutton - “that's where the money is.”- Ego inflation for the hacker- Pharma or other spam injection – can make Google delist you- Can send out spam from your site- Can use your site to attack others- Can inject malware on your site to phish others
- #9: “But mine is just a small site – they wouldn't hack me.”Willie Sutton - “that's where the money is.”- Ego inflation for the hacker- Pharma or other spam injection – can make Google delist you- Can send out spam from your site- Can use your site to attack others- Can inject malware on your site to phish others
- #10: Website=storefront – don't build it in a shanty. don't use the cheapest host or one that promises “unlimited” storage/bandwidth look for responsive and helpful tech support support in a format you're comfortable with (phone, email, ticket, live chat) register your domain name yourself through a separate entity, or be sure you are listed as the Registrar and have access to move/change DNS if necessary. Have a backup webhost chosen. Backups! Keep up-to-date copy of the wp-content folder and the db on your own hard drive at all times. (belt and suspenders) Keep daily offsite backup on remote location such as DropBox (but mention DropBox and Google Drive upload limits) Weekly offsite backup of the full site, especially if running email through your domain.
- #11: Keep the site clean. Plugins and themes from reputable sources only. Delete any plugins/themes not in use. (Leave default theme + active theme and parent) Preventing database crashes hosting account with sufficient memory limit (preferably) database on localhost, not remote server use cacheing plugin – serves static pages, minimizes db read/write daily offsite backups (DropBox or download locally)
- #12: Barricade the castle! don't use “admin” username strong passwords security plugin(s) to help lock down and monitor activity Offsite backups at least once per week consider a service or consultant to help More in-depth prevention advice use a hosting company that takes security seriously One WP installation per account disable theme/plugin editor in dashboard no database management plugins don't access site via public wifi – use VPN and SFTP
- #13: Minimum: Backup database daily Backup full site, including db, once per week, offsite DropBox is easiest; can also email or download Services/plugins: VaultPress – continuous backups, 30-day archive ($5/site/mo) BackupBuddy + Stash ($80/yr – 2 sites= $3.33/site/mo) BackWPUP (free plugin, can connect to DropBox for storage) Make sure you know how to restore.
- #14: Minimum: Backup database daily Backup full site, including db, once per week, offsite DropBox is easiest; can also email or download Services/plugins: VaultPress – continuous backups, 30-day archive ($5/site/mo) BackupBuddy + Stash ($80/yr – 2 sites= $3.33/site/mo) BackWPUP (free plugin, can connect to DropBox for storage) Make sure you know how to restore.
- #15: Sometimes, no matter what precautions you take, stuff happens. Contact the webhost If they are not responsive or can't tell you when it will be back online, take action to move the site, either temporarily or permanently. (This is why you choose a backup hosting company.) If you have full offsite backups: set up new hosting account, provide access to your backups for the transition support team, change the DNS pointers at your registrar, and you're back in business in a few hours at most. If you don't have full backups: set up new hosting account and new installation of WordPress. check the Wayback Machine to see what, if anything, is recoverable, or start over.
- #16: Sometimes, no matter what precautions you take, stuff happens. Contact the webhost If they are not responsive or can't tell you when it will be back online, take action to move the site, either temporarily or permanently. (This is why you choose a backup hosting company.) If you have full offsite backups: set up new hosting account, provide access to your backups for the transition support team, change the DNS pointers at your registrar, and you're back in business in a few hours at most. If you don't have full backups: set up new hosting account and new installation of WordPress. check the Wayback Machine to see what, if anything, is recoverable, or start over.
- #17: Sometimes, no matter what precautions you take, stuff happens. Contact the webhost If they are not responsive or can't tell you when it will be back online, take action to move the site, either temporarily or permanently. (This is why you choose a backup hosting company.) If you have full offsite backups: set up new hosting account, provide access to your backups for the transition support team, change the DNS pointers at your registrar, and you're back in business in a few hours at most. If you don't have full backups: set up new hosting account and new installation of WordPress. check the Wayback Machine to see what, if anything, is recoverable, or start over.