Wordpress Security » Backups

Local Backups

David Turnbull — Mon, 05 Oct 2009 00:26:53 +0000

This may be overkill and is the only part of the system that you don’t really need to put into place, but if you like the idea of having your backups stored locally (which has the convenience of being able to restore them easily) then you’ll like this idea.

Basically, setup the email backup system described previously but use a desktop mail program such as Mail.app for Mac or Outlook for Windows to download the emails to your computer. *BAM* all your backups are now on your system.

If you’re a Mac user buying a Time Capsule will allow you to backup your local computer (including all the website backups) and because it’s wireless you can just shove it in a cupboard, out of sight and never think about it again. That’s some extreme blog backing up right there. Tad overkill, but the Time Capsule is a very nice device.

You might also want to read...

Web Host Backups

David Turnbull — Mon, 05 Oct 2009 00:23:04 +0000

If you’re not using a web host that performs its own daily backups then switch (I personally use thiswebhost.com and they’ve been fantastic so far). But never rely on the backups from your web host.

It may be relatively uncommon for web hosts to lose your data but they’re not immune to the possibility and even if they claim to perform regular backups you can never really know how comprehensive their systems are.

Use a web host that performs their own backups because it gives you just 1 more layer of protection, but don’t use them as a replacement for your own system. Think of them as a bonus.

You might also want to read...

Email Backups

David Turnbull — Sun, 04 Oct 2009 22:42:06 +0000

Nowadays, email services offer huge amounts of storage for free, far more than anyone should need. But now it has a use: to store backups. I’m a Gmail man myself, and I recommend them for a few reasons:

Ever increasing amounts of storage.
Advanced filters so your backups don’t clutter your inbox.
Brilliant email service overall.

Any email account will do though, so lets just jump straight in.

Plugin: WP DB Backup

WP DB Backup is the premier database backup plugin for Wordpress. Simply install the plugin and then enter the email address you want the backups sent to.

Choose the backup frequency based on your blogs activity. I backup once per day, because I receive a moderate amount of comments. If you receive a greater number of comments throughout the day, or simply post more frequently, then increasing the backup frequency to twice per day is probably a good time.

Plugin: Wordpress Backups

Wordpress Backups isn’t a plugin I use these days because it doesn’t scale well for large blogs and I figure it’s best to just stick with tools that have continuity. But what it basically does is backup your blogs files (plugins, themes etc) and then send them via email just like the WP DB Backup plugin.

If you aren’t interested in paying for Amazon S3 then this is a suitable alternative, but just be mindful of the fact that it’ll probably stop working if your blog gets too large.

You might also want to read...

Ethical and Privacy Issues of Data Storage

David Turnbull — Sun, 04 Oct 2009 22:37:38 +0000

Storing backups is a tricky topic to tackle because the backups themselves need to be secured and there are certainly concerns about how accessible your data is, and what type of ownership 3rd parties have over your data. Instead of exploring every specific ethical issue around storing data, here are 3 fundamental rules you can remember:

Local you can protect, but offsite is protected. Any data that is stored locally has the huge advantage of being accessible by yourself whenever you want to just walk up to the machine and login to it. This means that it’s possible to go through whatever measures you wish to protect those backups. Whether that be as something simple as using a power surge protector and a backup power supply or going as far as building your own cloud computing system with 24/7 security. Obviously the feasibility of those latter measures is low for the majority of people reading this guide.

But offsite is not without its advantages. While you cannot access the hardware directly, your data will most likely be in an environment that is not feasible for your personal use, one that has 24/7 security, onsite technicians, fail-safes, fire protection etc. You certainly have less control of the protection, but maybe giving up that control is worth the additional features?

Is your data that important? If you’re data is stored offsite and you’re worried about your data being compromised, ask yourself this: is your data that important? If you’ve setup a system to backup everything to a cloud computing service, and some disgruntled employee thumbs through your database backup and finds your password (which, remember should be a password that is ONLY used with this single installation of Wordpress) is there really a lot that can happen? It’s easy enough to recover your data from another backup destination (see the upcoming “Best Practices for Backups” section) and then just never work with that company again.

It’s certainly appropriate to feel violated if your data has been accessed in such a way, so I’m not justifying the actions of any individuals that do so, but in many cases you’ll realize that 99% of the data your backing up is publicly accessible from the blog anyway. It’s definitely not a reason to deal with dodgy companies but this knowledge will help you make informed decisions.

Larger companies have more to lose. Saying that larger companies are more reliable than smaller companies would be a pretty dumb statement, so I won’t say it (wait, I already did…dammit) but I believe in terms of data storage companies, it’s true.

If, for example, it was leaked that Google employees were reading emails stored in Gmail, it would take just a few minutes for the internet to explode in anger and Google would instantly lose the trust of millions (billions?) of people. On the other hand, some small startup that does the same thing has a lot less to lose and would cause less of a commotion.